Wilkinson, Alex schrieb:
0n Tue, Oct 05, 2010 at 10:12:18AM +0200, J?rg Barfurth wrote:
>Wilkinson, Alex schrieb:
>> When the "system policy" is set for access to only "Card Users" AND
"Users With
>> Registered Tokens", can the TokenReader DTU be used as a regular DTU as
well as
>> a TokenReader DTU ?
>No. The session on a token reader DTU is always considered a non-card
>session. The session token will stay the same (non-card) token, even if
>a card is inserted. If non-card access is disabled, a token reader DTU
>will only display the token reader icon.
So that means you cant have non-card access disabled if you want a useable
token-reader DTU ... right ?
If you have non-card access disabled, then a token-reader DTU is usable
(only) as token reader, but not for session access.
Note: If you do enable non-card access, neither kiosk nor NSCM policy
will apply to a token reader DTU. So you'll only ever get a non-mobile
UNIX login session. I don't recall offhand how it will interact with a
registered-non-card-only policy. Due to these policy anomalies a token
reader DTU should in most cases either be used as a pure token reader
(as you get when card access is disabled) or as some sort of admin
station (non-mobile login allowed).
- Jörg
--
Jörg Barfurth http://blogs.sun.com/joergb
Disclaimer: I am employed by Oracle. The statements and opinions
expressed here are my own and do not necessarily represent those
of Oracle Corporation.
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
