Various models of Sun Ray DTUs are available, differing primarily with respect to size, type, and supported resolution of the connected screen. However, all DTUs include a smart card reader, a keyboard, and a mouse.
A software version of the DTU, called a Sun Desktop Access Client, is also supported. A Sun Desktop Access Client runs on an ordinary PC or laptop computer and provides a Sun Ray session in a desktop window. Sun Desktop Access Clients do not support all standard DTU functionality, such as the use of smart cards.
Each DTU has a unique identifier, typically the Ethernet MAC address such as 040020f94f8a that is also printed on the chassis. A DTU may also have a public-private key pair, which it can use to authenticate to the server (This depends on the firmware version. Older versions of Sun Ray firmware or firmware preinstalled in the factory does not support client authentication keys).
Sun Desktop Access Clients also have a key pair for authentication, but they use a unique value derived from the key as their client identifier.
Whenever a DTU or Sun Desktop Access Client connects for the first time to a Sun Ray server, it is automatically registered in the Sun Ray data store. (You can add a new clients to the data store manually if you want to register any information before the first connection time.) It is also possible to store the clients's location or other information that might help you to manage the clients in your organization.
For Sun Ray DTUs that support client authentication keys, the public key presented by the unit is also stored in the Sun Ray data store. Each stored key is annotated with a status, which indicates whether the authenticity of the key for the DTU with a given MAC address has been verified and confirmed. If different keys are used with the same DTU identifier and none of the keys has been confirmed to be authentic, then this may indicate a security incident and is marked as conflict. In this case connection attempts from this DTU are rejected until one of the keys has been confirmed to be valid.
Keys for Sun Desktop Access Clients are not stored with the data store entry for the client, as the client identifier is directly related to the key.
The Desktop Units tab lists all the registered DTUs (similar to the utdesktop command). You can also search for specific DTUs by entering a search string that includes parts of either the identifier, location, or other information for the DTU. The Search menu allows you to limit the scope of the search further: you can display DTUs that are currently connected to a server, or search for specifically configured DTUs, such as token readers or multihead groups.
The list also displays the confirmation status of client authentication keys for a DTU and indicates conflicts. For Sun Desktop Access Clients, this item indicates that the client is automatically associated to the right key.