Client systems that use a smart card for user authentication must meet certain requirements.

Each client system that uses a smart card for user authentication must have the following software and hardware:

View Client

A Windows-compatible smart card reader

Smart card middleware

Product-specific application drivers

You must also install product-specific application drivers on the View desktops.

View supports smart cards and smart card readers that use a PKCS#11 or Microsoft CryptoAPI provider. You can optionally install the ActivIdentity ActivClient software suite, which provides tools for interacting with smart cards.

Users that authenticate with smart cards must have a smart card or USB smart card token, and each smart card must contain a user certificate.

To install certificates on a smart card, you must set up a computer to act as an enrollment station. This computer must have the authority to issue smart cards for users, and it must be a member of the domain you are issuing certificates for.

Important

When you enroll a smart card, you can choose the key size of the resulting certificate. To use smart cards with local desktops, you must select a 1024-bit or 2048-bit key size during smart card enrollment. Certificates with 512-bit keys are not supported.

The Microsoft TechNet Web site includes detailed information on planning and implementing smart card authentication for Windows systems.

See Prepare Active Directory for Smart Card Authentication for information on tasks you might need to perform in Active Directory when you implement smart card authentication with View.

Smart card authentication is not supported by View Client for Mac or View Administrator. See the VMware View Architecture Planning document for complete information on smart card support.