JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Solaris Smartcard Administration Guide
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

1.  Solaris Smartcard Overview

2.  Getting Started With Solaris Smartcard

Starting the Smartcard Console

To Start the Smartcard Console From the Command Line

To Start the Smartcard Console From the CDE Desktop

Setting Up for Smartcard Login

To Add a Card Reader (Console)

To Add Support for a New Card Type (Console)

To Add Support for a New Card Type (Command Line)

To Load the Smartcard Applet to a Smart Card (Console)

To Load the Smartcard Applet to a Smart Card (Command Line)

To Set Up a User Profile (Console)

To Set Up a User Profile (Command Line)

To Verify a PIN for a Smart Card

To Change the PIN on a Card (Console)

To Change the PIN on a Card (Command Line)

To Enable Smartcard on a System (Console)

Setting Timeout and Card Removal Actions

To Set Smartcard Timeouts (Console)

To Set Card Removal Options (Console)

3.  Adding or Removing a Card Reader

4.  Troubleshooting

Glossary

Index

Setting Timeout and Card Removal Actions

If you don't want to use the default values for Smartcard timeouts and card removal actions, you can change the values. The procedures for changing the values are described in the following sections.

To Set Smartcard Timeouts (Console)

  1. Verify that the ocfserv daemon is enabled.

    The following command provides the status of the service.

    % svcs network/rpc/ocfserv

    Note - Before you make any changes to Smartcard, you must make sure that the ocfserv daemon is enabled.

  2. (Optional) If necessary, as root, enable the ocfserv daemon.
    # svcadm enable network/rpc/ocfserv
  3. Select OCF Clients in the Navigation pane.
  4. Select the Desktops icon in the Console pane.
  5. Choose Properties in the Action menu.
  6. Select the Timeouts tab in the dialog box.

    The Configure Clients dialog box is displayed.

  7. Select the Timeouts tab in the Configure Clients dialog box.
  8. Adjust the timeouts by using the mouse to slide the indicator for each timeout.

    • Card Removal Timeout – Specifies the number of seconds the desktop waits after a smart card is removed before locking the screen. The card removal timeout only applies if the “Ignore Card Removal” box is not checked under the options tab. If Card Removal Logout Wait is set to 0, a user is never logged out. The screen remains locked until the user reauthenticates to unlock the screen.

    • Reauthentication Timeout – Specifies the number of seconds the Reauthentication screen is displayed when the card has been removed. At the end of the specified time, the screen is locked.

    • Card Removal Logout Wait Timeout – Specifies the number of seconds the desktop waits for a smart card to be reinserted when the Reauthentication screen is displayed. If the card is not reinserted in time, the user is logged out. Note that this timeout is relevant only if Reauthenticate After Card Removal—in the Options tab—is set to False.

  9. Click the Apply or OK button.
  10. Exit CDE to activate the change.

To Set Card Removal Options (Console)

  1. Verify that the ocfserv daemon is enabled.

    The following command provides the status of the service.

    % svcs network/rpc/ocfserv

    Note - Before you make any changes to Smartcard, you must make sure that the ocfserv daemon is enabled.

  2. (Optional) If necessary, as root, enable the ocfserv daemon.
    # svcadm enable network/rpc/ocfserv
  3. Select OCF Clients in the Navigation pane.
  4. Select the Desktop icon in the Console pane.
  5. Choose Properties in the Action menu.

    The Configure Clients dialog box is displayed.

  6. Select the Options tab in the dialog box.
  7. Click the checkboxes to toggle between on or off.

    • Ignore Card Removal – If checked, nothing happens when a smart card is removed from the reader.

    • Reauthenticate After Card Removal – If checked, a user is logged out when a card is removed. If Reauthenticate is not checked, the Card Removal Logout Wait setting—in the Timeouts tab—determines what happens.

  8. Click the Apply or OK button.
  9. Exit CDE to activate the change.
Copyright © 2005, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next