Enable CAC authentication | Trend Micro Service Central

Views:

After you import the CA Certificates and set up the Active Directory server configuration, you can configure the SMS to authenticate user login requests using CAC authentication.

When CAC authentication is enabled on the SMS, keep in mind:

All users must use their CAC to log in to the SMS client.
Users will not be able to access the SMS Web client. If a user backs up the SMS database, the backup will not be available on the Web client, but it will be available on the SMS at Admin → Database → Backup.

Procedure

Go to Admin → Authentication and Authorization → Authentication.
Under Authentication Source, click Edit.

Select Use CAC Authentication.

Note

The SMS will not allow an administrator to designate user accounts to be authenticated locally (Local Authentication). However, users (with SMS CLI role capabilities) can log in to the SMS command line interface (CLI) to disable CAC authentication. Disabling CAC authentication sets the SMS back to the default authentication method (Local Authentication).

Click OK.
To enforce CAC authentication, do the following:
1. Attach the USB card reader to the SMS client workstation.
2. Log out of the SMS client.