3.0.1

Table Of Contents

View Manager Administration Guide

82 VMware, Inc.

Smart Card Authentication

Someorganizationsrequirepersonneltopassmultiplestagesofauthenticationbefore

allowingthemtoconnecttotheirsystems.ViewManagerprovidessupportfor

high‐securityenvironmentsbyofferingsmartcardauthenticationofclientsessions.

Smartcardauthenticationworksbypresentingatrustedsetofclientcredentials—a

usercertificate—toViewConnectionServer.Ausercertificat

eisanencryptedsetof

authenticationcredentialsthatincludesthedigitalsignatureofthetrustedroot

CertificateAuthority(CA)thatissuedthecertificate.

Theusercertificateisstoredonthesmartcardandcanonlyberetrievedandpassedto

theserveraftertheuserhasverifiedtheirownershipbyenteringapersonal

identificatio

nnumber(PIN).Certificatesarethenauthenticatedbyusingapublickey

toverifytheincludeddigitalsignature;theexpecteddigitalsignatureiscontainedina

trustedCAcertificatethatisstoredonViewConnectionServer.

ThisfollowingsectionsdescribehowtoconfigureandenablethisfeatureonVi

ew

ConnectionServer.

Smart Card Hardware

EachclientsystemusingsmartcardauthenticationwillrequireViewClientanda

Windows‐compatiblesmartcardreadertobeinstalled.

Inordertorecognizeandusethesmartcardhardware,product‐specificapplication

driversmustbeinstalledonboththeclientsystemsandremotedesktops.Smartcard

profilescanvarybetweenve

ndors;refertothedocumentationthataccompaniesthe

smartcardreaderformore informationabouthowtodothis.

NOTESmartcardauthenticationisonlysupportedbyViewClient;itisnotsupported

byViewAdministrator,ViewPortal,orbyofflinedesktopinstancesaccessedthrough

ViewClientwithOfflineDesktop.