Configuring the Client
3
no
vd
ocx
(e
n)
6 Ap
ril 20
07
21
3
Configuring the Client
The section provides information about the client configuration options which are selected during
the install. If you need to change the configuration after an install, remove and reinstall the method.
Section 3.1, “Disconnected Support,” on page 21
Section 3.2, “Identity Plug-In (ID-Plugin) Functionality,” on page 21
Section 3.3, “Custom Password Field Descriptor,” on page 21
Section 3.4, “Smart Card Interface,” on page 22
Section 3.5, “Novell Client Single Sign-On,” on page 22
Section 3.6, “Novell Client Passive Mode Login,” on page 22
3.1 Disconnected Support
Disconnected support allows the smart card to be used for a local workstation login when
eDirectory
TM
isn't available. This is useful in situations where network connectivity isn't always
available, such as for laptop users. After a connected eDirectory login, the disconnected
functionality stores the local user name and password on the local machine for future disconnected
logins. The local account password is encrypted with a 128-bit AES key generated from the smart
card private key. This means that a successful connected login must have occurred before
disconnected functionality is available.
To perform a disconnected login, select the Novell Client
TM
Workstation only
check box, then enter
the local account name and smart card PIN. The previously stored local account information will be
decrypted using the smart card and passed on to Windows for the workstation login.
Disconnected support works best in situations where the local account and eDirectory account
names are synchronized. When the account names are synchronized, the user does not need to
remember different names for connected (eDirectory) and disconnected (local workstation) logins.
3.2 Identity Plug-In (ID-Plugin) Functionality
The ID-Plugin functionality automatically looks up the user account based on the smart card's
certificate. In order to do this, the Identity Plug-in runs before the login and performs an LDAP
directory search for a user account match. When installing, you must specify the LDAP Server and
LDAP search base. The ID-Plugin does an LDAP subtree search starting at the specified search
base.
3.3 Custom Password Field Descriptor
Novell Client uses a default "password" string to label the password entry field. When using a smart
card, users enter the card's PIN, not a password, for login. To help eliminate confusion, a custom
string can be specified that is used instead of the default "password" string. For example,
&PIN:
could be specified. The ampersand (&) in the description is used to enable the Windows Alt+letter
focus functionality.
Содержание Enhanced Smart Card Method 3.0.1
Страница 4: ...novdocx en 6 April 2007...
Страница 8: ...8 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 10: ...10 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 19: ...Novell Enhanced Smart Card Method Installation 19 novdocx en 6 April 2007 Figure 2 13 Installation Screen...
Страница 20: ...20 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 24: ...24 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 28: ...28 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 40: ...40 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...
Страница 44: ...44 Novell Enhanced Smart Card Method Installation Guide novdocx en 6 April 2007...