Menu
▾
▴
Re: [rdesktop-users] Problem with smartcard redirection in rdesktop 1.7.x against Windows 2008R2
|
From: Andreas B. <and...@ha...> - 2012-01-12 10:32:10
|
It would appear the timeout values for Net iD was indeed the bad guy. Guess I should RTFM a bit better. It still doesnt work on my workstation where I run pcscd 1.7.2 and this reader: ID 0b97:7762 O2 Micro, Inc. Oz776 SmartCard Reader But, it does work on the IGEL terminals, and with a Gemalto GemPlus reader on another machine with pcscd 1.5.3. So I am happy for now! Thanks for clearing it up, I appreciate all the good work put into rdesktop :) ----- Ursprungligt meddelande ----- Från: "Henrik Andersson" <hen...@ce...> Till: rde...@li... Skickat: onsdag, 11 jan 2012 22:25:53 Ämne: Re: [rdesktop-users] Problem with smartcard redirection in rdesktop 1.7.x against Windows 2008R2 Hi Andreas, 2012-01-11 13:31, Andreas Berger skrev: > We're running some Windows 2008R2 terminal server machines, and we use "SITHS" cards (smartcards for Swedish healthcare stuff) that require a Net iD application from Secmaker to work. > In rdesktop 1.6.0 all this works fine. I can log in with a redirected smartcard, and it will work nicely in the RDP session. > I have done the development of 64bit smartcard fixes and testing against NetID on a Windows2008R2, using a Telia EID card and have not seen those issues you describe. However we have stumble upon an issue with later versions of NetID> 5.3, which changed the default behaviour for checking of card presence in a reader, this new approach is not functional with PCSC lite and results in that NetID becoming unresponsive when card is inserted in the reader, this might be the actual issue you have ? This is taken from the admin notes of NetID and you need to change this new default value in the ini file for NetID so that the key StateTimeout has value 0 to get back to the old polling behaviour: "6.25.3 StateTimeout This entry changes the behavior for smart card present check. Normally smart card presence is checked by asking the smart card readers quite often by polling, the poll time is controlled by [Smart Card Reader]>Poll entry. Using this parameter will change to a call which will ask for state and not return until anything has changed. 0 -> Normal polling is used x -> State driven presence is used, specify the number of minutes for timeout (10 recommended). Default value is 0; normal polling is used. Note 1: This feature require enhanced support for the PC/SC implementation and eventually some enhanced support for the PC/SC smart card reader driver. Currently, this feature should only be used with Windows, since there are some unknown problems for Linux/Mac OS X platforms. Note 2: This feature may work better with some PC/SC smart card drivers compared with polling, but there is no real recommendation when polling respective state driven presence check should be used." Kind Regards, Henrik Andersson (Cendio AB) > However, with rdesktop 1.7.x, the Net iD application hangs as soon as a card is present in the reader. Logging in without a card lets the Net iD app see the reader hardware, it's just when it tries to access a card it freezes.I can't see any output in the terminal from rdesktop when this happens. > > I have tested on a Windows XP machine as well, and logging in to that everything works as expected. > This has been tested on Ubuntu 10.04, and Ubuntu 11.10 with pcscd-lite 1.5.3 and 1.7.2 respectively. > We're also using some IGEL UD9-730LX terminals, so this appears to have broken in later updates of the firmware for those as well. > > Not sure where to go from here... > > ------------------------------------------------------------------------------ > Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex > infrastructure or vast IT resources to deliver seamless, secure access to > virtual desktops. With this all-in-one solution, easily deploy virtual > desktops for less than the cost of PCs and save 60% on VDI infrastructure > costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox > _______________________________________________ > rdesktop-users mailing list > rde...@li... > https://lists.sourceforge.net/lists/listinfo/rdesktop-users ------------------------------------------------------------------------------ Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex infrastructure or vast IT resources to deliver seamless, secure access to virtual desktops. With this all-in-one solution, easily deploy virtual desktops for less than the cost of PCs and save 60% on VDI infrastructure costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox _______________________________________________ rdesktop-users mailing list rde...@li... https://lists.sourceforge.net/lists/listinfo/rdesktop-users |