The Remote Desktop client supports the use of smartcards (eToken). A typical use case is when a user connects from home (Windows/MacOS/Linux) to their office computer (remote Windows desktop/server). The RDP client ‘forwards’ the local eToken connection to the remote machine so that applications on the remote desktop/server that require eToken authentication can be used.
Prerequisites:
- Possession of eToken with UTORauth-issued certificate and a current version of the SafeNet client installed on local and remote Windows hosts.
- Support RDC client:
- Windows: Built-in RDC client
- MacOS: Microsoft Remote Desktop 10 (downloadable from App Store)
- Linux: Remmina Client
Desktop Configuration:
- Windows
- Open Remote Desktop Connection Client, click on show options
- Under Local Resources tab, click on “More”
- Check the checkbox for Smart cards and save
- MacOS
- Open Microsoft Remote Desktop 10, add a PC profile
- Fill in the PC name (hostname of the remote desktop) and User account (account to access the remote server/desktop)
- Under Devices & Audio tab, check the checkbox for Smart cards and save
- Linux
- Open Remmina Remote Desktop Client
- Create a new connection profile for RDP
- Under Basic tab, fill in the Server (hostname/IP address of the remote server/desktop), Username and Password (account to access the remote server/desktop)
- Under Advanced tab, check the chekbox for Share smartcard and save
Usage:
- Plug in the eToken on the local desktop
- Start the Remote Desktop Client (RDC client on Windows, Microsoft Remote Desktop 10 on MacOS, Remmina Remote Desktop Client on Linux)
- Select the proper profile to connect to remote server
Troubleshooting:
- To test the availability of the X.509 certificate on the eToken to the remote end, open Safenet Authentication Client on the remote server. You should see the eToken with your name listed there. If not, close the RDC connection, re-plug the eToken, making sure the eToken LED is active, and restart the RDC.