FAQ

EVGA FAQ help Center

Do PCoIP zero clients support pre-session smart card authentication?

Last Update: 2012/08/21
Copy Link

Yes.

PCoIP zero clients support pre-session smart card authentication for sessions connected to VMware View virtual desktops that meet the system configuration requirements listed next. For deployments that meet these requirements, PCoIP zero clients can also read and process CAC card information and allows SSO (single sign on) authentication of the user prior to session establishment.

 

System Requirements

When used with VMware View 4.5 or higher with smart card authentication enabled, the firmware securely transfers the attached CAC smart card information to the View Connection Server for authentication and SSO of a user prior to a session.

Virtual Desk Requirements

  • VMware View 4.5 or higher
  • VM Guest OS: Windows XP, Vista, Win7 with VMware View Agent PCoIP smart card component installed
  • PCoIP zero client firmware 3.2.0 or newer (where those smart cards supported in later firmware releases are indicated as such)

Supported USB Smart Card Readers

  • Alcor AU9540-GBS (built into selected Samsung zero clients)
  • Castle EZM110CU
  • Castles Technology EZM110PU (built into selected ClearCube zero clients)
  • Cherry SmartBoard keyboard
  • Dell Smart Card USB keyboard SK3205
  • GemPC Twin HWP108765C
  • Gemalto PC USB-SW PCoIP zero client
  • HID Omnikey 5321 (Note the 5321 CLi variant is currently not supported)
  • HP KUS0133 Smart Card Keyboard
  • OmniKey 3021
  • OmniKey 3121
  • Peripheral Dynamics PT-3901
  • PC Twin HWP108760D
  • SCR331
  • SCR333
  • SCR335
  • SCR3310
  • SCR3310/v2.0

CAC Smart Card Properties

For smart card authentication and SSO, the smart card must meet one of these specifications:

  • GSC-IS v2.0 and v2.1 cards (firmware 3.2.0 or higher)
  • PIV transitional cards (firmware 3.4.0 or higher)
  • PIV endpoint cards (firmware 3.4.0 or higher)
  • Gemalto .NET
  • Gemalto Access Client
  • CoolKey

The communication protocol between the smartcard and the reader is referred to as T=X, where X is 0 or 1. Firmware 3.2.0 and higher supports T=0. Firmware 3.4.0 and higher supports T=1.

A certificate on the smart card must have these properties:

  • Key usage set to digital signature
  • Subject common name and/or subject alternative name (other name) is set
  • Enhanced key usage includes client authentication and/or smart card logon.
  • Key length is no larger than 2048 bit

 

CAC Smart Card PropertiesTested Smartcard Models

Teradici has tested these specific smart card models:

 

Your card may be on the supported card list however the applet of the card may not be supported.

 

PCoIP zero clients locally terminate the smart card readers for pre-session authentication. This means that they are not re-directed via USB. As such, the Agent’s PCoIP smart card component must be installed the guest OS for the guest to see the smart card reader (this is not installed by default).

Pre-session smart card authentication to remote workstations using PCoIP host cards is not supported at this time.

EVGA PCoIP Support

Keywords
59361 PCOIP USB Smart Card CAC Zero Client PD0