David Markey wrote:
But usernames should already be carried along with a utswitch even
with smartcards if you didn't use "-D" as a utpolicy option (or enable
"Direct Session Access" via the admin browser interface). Can you send
me the output of the "utpolicy" command? If there is a bug here, we
should fix it.
Ermm.. i dont think there is because i dont register the smart cards.
What way would SRSS know what username to pass? do i set the token variable?
With 4.1, when you login one of the PAM modules (pam_hotdesk?) reads
PAM_USER and sets a username property in utauthd for your connected
session, and the RHA GUI re-sets it every time you unlock a connected
session, so when utswitch requests the redirect utauthd supplies the
username to the redirect properties. Then it's consumed on the target
server by "sunray_get_user property=username" which reads the property
from utauthd and sets PAM_USER.
But if you use the -D option that disables RHA and all of this
mechanism, so you won't get that behavior with utswitch.
Is your policy a secret? Is there some reason you can't tell us whether
or not you use the -D option with utpolicy? ;-)
-Bob
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
