Go to main content

Managing Authentication in Oracle® Solaris 11.4

Exit Print View

Updated: August 2019
 
 

Configuring a Desktop for Users With Smart Cards

Users who need to gain system desktop access must have a local or a remote X11 desktop configured for them by an administrator. For a local desktop, the administrator must install the solaris-desktop group package. For remote desktop access, the administrator must configure XDMCP.

How to Configure a Local Desktop

Before You Begin

You must become an administrator who is assigned the Software Installation rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.

  1. Verify that the solaris-desktop group package is installed.
    $ pkg search -H -o pkg.name solaris-desktop
    group/system/solaris-desktop
  2. If the solaris-desktop group package is not installed, install it.
    $ pfexec pkg install solaris-desktop

    This system can now be used by a smart card user who needs a desktop.

How to Configure a Remote X11 Desktop

Before You Begin

You must assume the root role. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.

  1. Verify that the solaris-desktop group package is installed.
    # pkg search -H -o pkg.name solaris-desktop
    group/system/solaris-desktop
  2. Enable XDMCP connections in gdm.

    Set Enable to true in the /etc/gdm/custom.conf file.

    [xdmcp] Enable=true

    For more information, see the gdm(8) man page.

  3. Before activating the changes, warn users to log off and save their work.

    The restart kills all current gdm sessions.

  4. Activate the configuration change by restarting the gdm desktop windowing service.
    # svcadm restart gdm

    Users can now access a remote desktop with their smart cards. For the user procedure, see How to Use a Smart Card to ssh to a Remote GNOME Desktop.