Applies to: Centrify DirectControl 5.0.2 and higher on CentOS 6.x and Mac OS X platforms.Question:
Logging in and unlocking the screen with a Smart Card works.
However using sudo prompts for a password and instead of a Smart Card.
How can sudo be configured to work with a Smart Card?Answer:
and add:auth sufficient pam_pkcs11.so
On the server, run:$ sudo echo test
Found the Smart card.
Smart card PIN: (enter pin)
When no CAC is inserted, it prompts for AD password.$sudo echo test
For Mac OS, an alternative workaround is to modify the sudoers file and add "NOPASSWD
" for password: