C H A P T E R  1


The Sun Raytrademark Connector for Windows OS is a Sun-supported terminal services client, based on the Microsoft Remote Desktop Protocol (RDP), that enables Sun Ray users to access applications running on remote Windows Terminal Servers. It is especially useful to those who are accustomed to Windows-based applications or who wish to access documents in certain formats from a Sun Ray thin client. The Sun Ray Connector for Windows OS is often referred to as the Sun Ray Connector or simply as the Connector.

The Sun Ray Connector gives users access to a Windows desktop, either occupying the entire Sun Ray screen or running in a window in a Solaristrademark or Linux environment.

Architectural Overview

From a user point of view, the Sun Ray Connector mediates between the Sun Ray desktop and the Microsoft Windows Terminal Server. Residing on the Sun Ray server, it uses the Remote Desktop Protocol (RDP) to communicate with the Windows Terminal Server and the Appliance Link Protocoltrademark (ALP) to communicate with the Sun Ray desktop, as suggested in FIGURE 1-1. Once installed, the Sun Ray Connector requires only that a user type a simple command to connect to a Windows Terminal Server where the usual applications reside. The command can be modified to accommodate a variety of preferences, or options, for instance to specify screen size or a list of available printers.

FIGURE 1-1 Sun Ray-Windows Connectivity

Sun Ray DTU to Windows Terminal Server


The Sun Ray Connector supports:

These features are described in the following sections.


The Sun Ray Connector uses Microsoft Point-to-Point Compression (MPPC) to compress data between the Sun Ray Server, which runs the Sun Ray Connector, and the Windows Terminal Server.


The Sun Ray Connector uses RSA Security’s RC4 cipher, which encrypts data of varying size with a 56-bit or a 128-bit key, to secure all data being transferred to and from the Windows server.

Four levels of encryption can be configured at the Windows Terminal Server:

All data from client to server is encrypted based on maximum key strength supported by the client.

All data between client and server in both directions is encrypted based on the maximum key strength supported by the client.

All data between the client and server in both directions is encrypted based on the server’s maximum key strength. Clients that do not support this strength of encryption cannot connect.

FIPS-compliant encryption is not supported[1].

Note - Data encryption is bidirectional except at the Low setting, which encrypts data only from the client to the server.

Smart Cards

The Sun Ray Connector uses the PC/SC framework to allow applications on the Windows Terminal Server to access smart cards inserted in the Sun Ray DTU. Typically, this feature is used to provide two-factor authentication with digital certificates or to permit the use of electronic signatures or other information stored on a smart card. See Smart Cards.

Note - Smart Cards and the PC/SC framework are supported on the Solaris Operating System but not on Linux.

Session Directory

The Sun Ray Connector supports server session reconnection based on Session Directory, a database that keeps track of which users are running which sessions on which Windows Terminal Servers, and load balancing information. Session Directory functionality enables Sun Ray Connector users to reconnect not only to an existing Sun Ray session but also to be reconnected automatically to the right Windows session.

Both IP address-based and token-based reconnection are supported; however, token-based redirection requires the use of a hardware-based load balancer for Windows Terminal Servers configured as a server farm. The capacity to utilize server farms and load balancing allows Windows Terminal Servers to accommodate a larger number of Sun Ray users and DTUs.

Note - To participate in a Session Directory-enabled server farm, Windows Terminal Servers must run Windows Server 2003 R2 Enterprise Edition or Windows Server 2003 R2 Data Center edition. Session Directory is an optional component that can be configured to use Microsoft proprietary or third-party load balancing products.

For details of setup, configuration, and operation, please see Microsoft’s documentation, for instance at:


Local Drive Mapping

File systems from removable media devices, such as flash drives or ZIP drives, connected to Sun Ray USB ports can be mapped to the Windows environment, where they appear as locally mounted drives. Any file can be mounted and mapped from the Sun Ray environment to the Windows environment.

caution icon Caution - Windows filenames cannot contain the following characters: logical or:*?"<>|. Make sure that redirected UNIX folders do not contain any files that use these characters in their names.

Audio Support

Users can play sound files on their Sun Ray desktops (downstream audio) with audio applications located on the Windows Terminal Server; however, recording from the Sun Ray desktop unit to the Windows Terminal Server (upstream audio) is not supported by the RDP Protocol and has therefore not been implemented.

Serial Port Mapping

Users can access serial devices connected to a Sun Ray DTU from their Windows sessions. Serial devices can be connected either directly to the serial ports on a Sun Ray DTU or by means of a serial adapter.


Once a connection is established, a user can print from Windows applications using any of the following:

Network printing is recommended over locally-attached printing.


The Sun Ray Connector enables cut-and-paste text functionality between Windows applications and applications running on the Sun Ray desktop, whether Linux or Solaris versions. Copying and pasting is enabled for all supported languages, including double-byte languages, such as Chinese, Japanese, and Korean. The Sun Ray Connector does not support copying and pasting functionality for Rich Text format.


The Sun Ray Connector supports both per-user and per-device Terminal Server Client Access Licenses (TS-CAL). When per-device licensing is configured for Windows Terminal Server, each Sun Ray DTU is granted a new license from the licensing server. Implications of these licensing modes are discussed under Licensing Modes and Hotdesking.

Licensing information is stored in the Sun Ray data store and can be retrieved and presented each time a Windows connection is made.

For information on administering licenses, see the utlicenseadm man page. See also the note on Microsoft license requirements under Installation.


Certain limitations, listed below, are caused by dependencies on other products. Limitations in the current implementation of the Sun Ray Connector are documented in the Sun Ray Connector for Windows OS, Version 2.0 Release Notes.

Windows Limitations

The following features are not supported on Windows 2000:

Other Limitations

Copy-and-Paste, Cut-and-Paste

The following behaviors, although similar, are caused by limitations in different applications:

USB Disk

Removing a USB disk from a Sun Ray DTU while it is still being accessed by a Windows application leaves a stale mount point on the Sun Ray server.


1 (Footnote) FIPS is an acronym for the Federal Information Processing Standards defined by the National Institute of Standards and Technology.