The X Display Manager (XDM) is a PAM application providing graphical login. The following sections document how to configure XDM with smart card authentication.
To configure XDM for smart card
vastool smartcard configure pam xdm
XDM is similar to KDM. It displays a Login: and a Password: prompt, neither of which you can modify. Thus the prompt-vassc-user and prompt-vassc-pin options in the [pam_vas] section of vas.conf have no effect.
XDM does not display any additional information from the Authentication Services PAM module. Thus, the prompt-style and show-token-status options also have no effect under XDM.
One Identity recommends that you disable remote login for XDM by disabling the X display manager control protocol (XDMCP).
Note: XDMCP is disabled by default.
To manually disable XDMCP
This file is typically located at /etc/X11/xdm/xdm-config.
The /usr/bin/login program is a PAM application for performing login to the system. Typically /usr/bin/login is called by the getty program for login to the console. The following sections document how to configure and use console login with smart card authentication.