The login server method uses standard NMAS authentication. It authenticates to eDirectory.
The following must be running on the Citrix server:
Scenario: Problem. The user at the ICA client launches a remote session. The devices (for example, a pcProx reader, smart card, or fingerprint reader) are also at the remote client. In the past, NMAS in this environment launched a session on the Citrix server. The output was redirected to the ICA client. The programs are running on the Citrix server, but input and output occur at the ICA client. NMAS couldn’t communicate with its authentication devices at the ICA client.
The user at the ICA client wants to log in with Client32 NMAS and a fingerprint reader. A Client32 login dialog box appears. Client32 and the NMAS client are running on the Citrix server. NMAS launches LCM (login client method) on the Citrix server.
The fingerprint reader is attached to the ICA client, but the LCM is being launched on the Citrix server. The LCM can't read the fingerprint reader because the network link is in the middle.The virtual channel solves this problem.
Scenario: Solution by Using Virtual Channels. Client32 calls NMAS, and NMAS calls SecureLogin before it authenticates the user. SecureLogin determines whether it is running in a remote Citrix session or in a console session. (It tries to determine whether another workstation is on the network—another workstation on the network for the session that it is attached to. The Citrix server could be serving sessions to--for example--1,000 ICA clients. One session could be running on the console.) SecureLogin determines whether it is running in a console session or one of the remote sessions.
If SecureLogin is running in a remote session, it uses the virtual channel, which runs over the Citrix protocol. SecureLogin communicates with a .dll file that is plugged in to the ICA client. The .dll file invokes NMAS. The client invokes an LCM on the ICA client, which communicates with the devices attached to the ICA client. NMAS running on the Citrix server knows that SecureLogin is handling the login.
SecureLogin redirects to the ICA client, called NMAS on that client. It is redirecting the output from NMAS across the virtual channel. Client 32 sends NetWare Core Protocols to the NMAS server like it normally would.
After redirection, Secure Workstation communicates to NMAS running on the Citrix server that the user is logged in. NMAS then provides a session.
The user is not aware that anything special or different happened. The user at the ICA client sees the login dialog box with instructions to place a thumb on the thumbprint reader. The user uses the thumbprint reader to log in.