Does ut_ati only do an external lookup on the first token attempt though, or does it check on subsequent attempt to use the token as well?
William Yang > -----Original Message----- > From: [email protected] [mailto:sunray-users- > [email protected]] On Behalf Of Joerg Barfurth > Sent: Monday, August 10, 2009 9:55 AM > To: SunRay-Users mailing list > Subject: Re: [SunRay-Users] Smart cards stored in AD > > Wouter Coppens schrieb: > > Hi all, > > > > One of our clients is thinking about replacing all of his desktops with > > Sun Rays. Were talking here about a couple of thousand Sun Rays. > > > > He has several teams: one responsible for the servers, another for the > > Active Directory, one for the workstations, and so on. > > They store all information about a user in a central repository (AD) and > > want to keep it like this. > > > > A smart card is normally registered on a Sun Ray server. Im not talking > > about the certificates on a smart card. They want to store it in AD. If > > a user looses his card, he has to contact the user administration team > > and they can modify the users smart card. Normally this team shouldnt > > have access on the Sun Ray servers > > > > Can this be done? Even with a script is fine. > > > > It depends how card registration is used. If you are using 'registered > card only' policy, then the ATI (automatic token import) feature, which > is available since patch -01 of SRSS 4.1, should mostly do what you want. > > See the ut_ati_script_interface(3) man page. > > HTH > > - Jörg > _______________________________________________ > SunRay-Users mailing list > [email protected] > http://www.filibeto.org/mailman/listinfo/sunray-users _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
