| SRDB ID | Synopsis | Date | ||
| 41019 | Sun Ray (TM) Server : How to change a Policy so that only registered smart cards can login | 20 Dec 2001 |
| Status | Issued |
| Description |
Customer has been using Sun Ray (TM) servers with the policy of allowing both smart cards and no cards (pseudo) to login. They would now like to change the policy so that only registered smart cards are allowed to login, and also want to self register the smart cards.
SOLUTION SUMMARY:
To change the policy, run the utpolicy command:
# /opt/SUNWut/sbin/utpolicy -a -r card -s card
Then restart the authentication manager to place the new policy into affect.
# /opt/SUNWut/sbin/utpolicy -i soft/clear
This will allow only smart cards in the token database to login on the Sun Ray appliances. It will allow self registration of smart cards. When people login for the first time, they will get a registration screen so they can register their cards. This is true even for people who have been using their cards before the new policy went into affect. Anyone without a smart card will no longer be able to login.
INTERNAL SUMMARY:
Terry Kintz
terry.kintz@sun.com
SUBMITTER: Terry Kintz APPLIES TO: AFO Vertical Team Docs/NetAdmin ATTACHMENTS: