SecureLogin DAS Fast User switching using Smart Card in Active Directory mode
Table of Contents:
3. Configure Novell SecureLogin to launch separately using smart card user credentials
4. Configure DAS actions.xml to hide and unhide the desktop using the smart card
In the earlier version of Novell SecureLogin, Active Directory authentication of the workstation (either using password or smart card) were used to login to SecureLogin. The SecureLogin DAS Fast User Switching feature was not available in Active Directory mode.
With Novell SecureLogin 7.0 Sp1 Hot Fix 2 and later DAS Fast User Switching feature is available in Active Directory Mode.
To use this functionality, you must configure
The procedures explained in the document apply to:
While installing Novell SecureLogin you must enable the following options:
After SecureLogin with DAS is successfully installed, it initializes some registry keys. You must edit the registry keys to configure the system for your workstation.
To view and edit the registry keys:
Now SecureLogin prompts for Smart card PIN instead of getting launched using workstation logged-in credentials
Sample XML script:
<?xml version="1.0"?> <application-runner-script> <action name="Removal"> <kill-app application="slproto.exe" /> <kill-app application="slbroker.exe" /> <pause interval="1000"/> <hide-desktop /> </action> <action name="unHideMe"> <unhide-desktop/> </action> <action name="Insertion"> <kill-app application="slproto.exe" /> <pause interval="1000"/> <hide-desktop /> <run-application application="slproto.exe" parameters="" serial="true" interval="500"/> </action> <action-triggers> <on-cardmon action-name="Removal" card-insert="Insertion" LoginAction = "unHideMe"/> </action-triggers> </application-runner-script>
The Novell SecureLogin is launched successfully for the smart card user and the user’s desktop is displayed.
Note: To switch to another user remove the inserted Smart Card from the card reader and insert a new smart card.
With the help of the above configuration “SecureLogin DAS fast user switching” is achieved using Smart Card in Active Directory mode.
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.