Smart card authentication requires both a PIN and a
physical token to confirm the user identity. Smart card certificates are associated
with
the user account and the user's assigned group. Once registered, the user can use
smart
card authentication from any Endpoint Encryption device in
that group. Users are free to use any Endpoint Encryption
device in their group and do not need to ask for another one-time password.
To use smart card authentication, make sure that the following requirements are
met:
-
The smart card reader is connected to the endpoint and the smart card is inserted into the smart card reader.
-
ActivClient 6.1 with all service packs and updates installed.
-
Specify the smart card PIN in the password field.
WARNING
Failure to provide a correct password sends a password error and may result in locking the smart card.
 |
NoteSmart card authentication is only configurable with PolicyServer MMC.
|
Smart Card Registration
Smart card certificates are associated with the user account and the user's
assigned group. Once registered, the user can use smart card authentication from any
Endpoint Encryption device in that group. Users are free to use any Endpoint Encryption device in their group and do not need to ask for another
one-time password.
Registering a Smart Card in Full Disk Encryption Preboot
Procedure
- Follow the instructions to change passwords, then select Smart
Card.See the Administrator's Guide for PolicyServer MMC.
- Insert the smart card in the reader.
- Connect the reader to the endpoint.
- Specify the user name and fixed password.
- Click Continue.
- At the confirmation message, click Continue.
- At the Register Token window, do the
following:
- Type the new PIN provided by the Group or Enterprise Administrator.
- Confirm the new PIN.
- Select the smart card type from the Token drop-down list.
- Click Continue to finish registering the smart card token.