Christopher Juckins

SysAdmin Tips, Tricks and other Software Tools

User Tools

Site Tools

Trace:
cac_authentication

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
cac_authentication [2013/09/25 16:38] – created juckinscac_authentication [2015/10/15 09:57] (current) juckins
Line 1: Line 1:
-__Configuring CAC Authentication__+**__Configuring CAC Authentication__**
  
 +Updated 25 September 2013
  
 +__Tested hardware:__ \\
 +Advanced Card Systems Ltd \\
 +Model ACR38 \\
 +P/N ACR38U-I1 \\
 +S/N RR100-182985
 +
 +__Tested software:__ \\
 +CentOS release 6.4 (Final) \\
 +Linux baystate 2.6.32-358.18.1.el6.i686 #1 SMP Wed Aug 28 14:27:42 UTC 2013 i686 i686 i386 GNU/Linux 
 +
 +<code>
 +1.  Install these packages as root. 
 +# yum -y install rdesktop pcsc-lite esc
 +
 +[root@baystate: ~]# rpm -qa |grep rdesktop
 +rdesktop-1.6.0-10.el6.i686
 +
 +[root@baystate: ~]# rpm -qa |grep pcsc | sort
 +pcsc-lite-1.5.2-13.el6_4.i686
 +pcsc-lite-libs-1.5.2-13.el6_4.i686
 +pcsc-lite-openct-0.6.19-4.el6.i686
 +
 +[root@baystate: ~]# rpm -qa |grep esc
 +esc-1.1.0-25.el6.centos.1.i686
 +
 +2.  Make sure pcscd is set to run on boot and that the service will start manually.
 +# chkconfig pcscd on
 +# service pcscd start
 +
 +3.  Reboot the machine.  Upon logging back in, make sure pcscd is running.
 +# ps -ef |grep pcscd (should return running process)
 +
 +4.  Connect the smart card reader to the Linux workstation, and insert smart card.  
 +
 +5.  Start up the SC manager GUI.
 +From the RedHat menu, click Applications > System Tools > Smart Card Manager 
 +
 +6.  Run rdesktop with the smart card option.  Customize geometry as appropriate.
 +
 +# rdesktop -g 1024x720 -a 16 -d windomain -u first.last machinename.fqdn -r scard
 +
 +6.  There should be one or two Smart Card Logon options in addition to the usual ncepad\<user> 
 +logon option.  You probably need to select the left-most or first of the Smart Card Logon 
 +options.  Once selected, verify the Smart card logon is for "<10 DIGITS>@mil" rather than the 
 +logon that looks like this "....OU=PKI, OU=DoD, O=U.S. Government, ...."
 +
 +7.  Supply your CAC's PIN as you normally would.
 +
 +8.  Remote desktop should begin.
 +</code>
 +
 +__Virtual Box USB Tips__:\\
 +http://jaanus.com/how-to-get-a-usb-smart-card-reader-to-work-in-virtualbox-guest/
cac_authentication.1380141523.txt.gz · Last modified: 2013/09/25 16:38 by juckins