In addition to normal Sun Ray smart card functionality, such as hotdesking, the Windows connector enables additional smart card functionality, such as the following:
Strong, two-factor authentication for access control with digital certificates
PIN-based logins
Digital signing, encrypting, and decrypting of email messages from Windows-based email clients
For this purpose, the Windows connector uses the smart card services on the Sun Ray server and smart card middleware on the Windows system.
See Microsoft's Smart Card documentation at: http://technet.microsoft.com/en-us/library/dd277362.aspx.
This procedure describes how to enable smart card redirection on a per-connection basis.
Smart card redirection is disabled by default. It can be enabled on a per-connection basis with the following CLI option:
% /opt/SUNWuttsc/bin/uttsc -r scard:on hostname.domain
This procedure describes how to set up smart card login for Windows.
Set up Active Directory and Certification Authority (CA) on the Windows system.
Install the smart card middleware product on the Windows system.
If you use ActivClient middleware, set the Disable PIN Obfuscation option to Yes through the ActivClient user console on the Windows system.
Enroll the necessary certificates onto the Smart Card using either a Sun Ray token reader or an external smart card reader connected to the Windows system.