You can use View Administrator to specify settings to accommodate different smart card authentication scenarios.

These settings do not apply to security servers. A security server that has been configured for smart card authentication always requires users to authenticate with a smart card and PIN during login.

Modify View Connection Server configuration properties on your View Connection Server host.

Verify that the Require SSL for client connections and View Administrator check box is selected in the Global Settings dialog box in View Administrator. You cannot configure smart card authentication options if this check box is deselected.

1

In View Administrator, click View Configuration > Servers.

2

Select the View Connection Server instance and click Edit.

3

On the Authentication tab, select a configuration option from the Smart card authentication drop-down menu.

Option

Action

Not Allowed

Smart card authentication is disabled on the View Connection Server instance.

Optional

Users can use smart card authentication or password authentication to connect to the View Connection Server instance. If smart card authentication fails, the user must provide a password.

Required

Users are required to use smart card authentication when connecting to the View Connection Server instance.

When smart card authentication is required, authentication fails for users who select the Log in as current user check box when they connect to the View Connection Server instance. These users must reauthenticate with their smart card and PIN when they log in to View Connection Server.

Note

Smart card authentication replaces Windows password authentication only. If SecurID is enabled, users are required to authenticate by using both SecurID and smart card authentication.

4

Configure the smart card removal policy.

You cannot configure the smart card removal policy when smart card authentication is set to Not Allowed.

Option

Action

Disconnect users from View Connection Server when they remove their smart cards

Select the Disconnect user sessions on smart card removal check box.

Keep users connected to View Connection Server when they remove their smart cards and let them start new desktop sessions without reauthenticating

Deselect the Disconnect user sessions on smart card removal check box.

The smart card removal policy does not apply to users who connect to the View Connection Server instance with the Log in as current user check box selected, even if they log in to their client system with a smart card.

For users who run View desktops locally on their client systems, if the policy is set to disconnect user sessions on smart card removal, when users remove a smart card, the guest operating system in the View desktop is locked. The View Client window remains open, and users can select Options > Send Ctrl-Alt-Delete to reauthenticate.

5

Click OK.

6

Restart the View Connection Server service.

You must restart the View Connection Server service for changes to smart card settings to take effect, with one exception. You can change the Smart card authentication setting between Optional and Required without having to restart the View Connection Server service.

Currently logged in users are not affected by changes to smart card settings.

Prepare Active Directory for smart card authentication, if required. See Prepare Active Directory for Smart Card Authentication.

Verify your smart card authentication configuration. See Verify Your Smart Card Authentication Configuration.