How To Lock Registered Smart Cards to Users

Posted by: madhatter

Here's a simple script that can be used to tie registered Smart Cards to Solaris users. Installation/usage is simple & in the comment header of the script. Get it here.

Posted on: Oct 29, 2007

Category: Sun Ray | Tags:

Permanent link to this entry

Comments:

Cool! Would it be possible to use this with VDI 3.1 or VMware View connector?

Even if I had to add local Solaris users, that would be ok. But even just a check to see that the username that they are attempting to use matches the owner of the Token is perfect.

Thanks,

Jim

Posted by Jim Nickel on October 29, 2009 at 04:51 PM PDT #

I do not believe this will work for VDI or View connector. The script works against Solaris users & that's really not applicable for View & VDI connectors (it's not been tested). Currently the View connector only works in kiosk mode. Not sure VDI connector is applicable/supported in non-kiosk mode.

Posted by Madhatter on October 29, 2009 at 07:45 PM PDT #

From what I can see in the code (I am not an expert), it looks like it just checks against the results from the utuser command which gets it's data from the Owner field - not from the /etc/passwd file.

So...as long at the env variable $USER is set by the VDA login code shouldn't this work?

I am going to try it out anyway and let you know.

Jim

Posted by Jim Nickel on October 30, 2009 at 08:22 AM PDT #

You were right...I just tried it and it does not work - I get a generic Kiosk mode user utku5 etc.

Is there some way to check later in the process to make this happen?

Is there some place to see docs of exactly what the login process is? What files are run in what sequence?

Any suggestions/pointers would be greatly appreciated!

Thanks so much for your help!

Jim

Posted by Jim Nickel on October 30, 2009 at 08:31 AM PDT #

Think Thin: Thin Client and Server Based Computing Group Blog