Windows Smart Card Logon Use Case

Similar documents
Install and Issuing your first Full Feature Operator Card

Logon to Windows Vista using smartcard and CertiID in a Windows 2008 environment.

Step-by-step installation guide for monitoring untrusted servers using Operations Manager

Copyright

SC-3 USB Token. QUICK Reference. Copyright 2007 CRYPTOCard Corporation All Rights Reserved

YubiKey Smart Card Deployment Guide

Certification Authority

YubiKey Smart Card Deployment Guide

Configuring EAP for Wireless Network Connectivity By Victor Zapata

Security Cooperation Information Portal

ISL01: Transparently Authenticating Tablets, Smartphones and Laptops with Symantec Managed PKI Service

Owner of the content within this article is Written by Marc Grote

Configuration of Microsoft Live Communications Server for Partitioned Intradomain Federation

Guide Installation and User Guide - Windows

Setting up Certificate Authentication for SonicWall SRA / SMA 100 Series

SC-1 Smart Card Token. QUICK Reference. Copyright 2007 CRYPTOCard Corporation All Rights Reserved

V1.0 Nonkoliseko Ntshebe October 2015 V1.1 Nonkoliseko Ntshebe March 2018

How to Configure S/MIME for WorxMail

Yubico with Centrify for Mac - Deployment Guide

vsec:cms S-Series Introduction Release Notes Release October 16 th, 2018

Digital Certificate Service (DCS) - User Guide

Guide Installation and User Guide - Mac

EOH-SASOL - Setup Sasol Mobile Express (Client)

External Authentication with Checkpoint R77.20 Authenticating Users Using SecurAccess Server by SecurEnvoy

Installation and Configuration Guide

Installation and Configuration Guide

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP. For VMware AirWatch

S-Series Administration Guide Version 4.8

Workspace ONE UEM Certificate Authority Integration with JCCH. VMware Workspace ONE UEM 1810

SCCM Plug-in User Guide. Version 3.0

of SNMP Service and SNMP Trap Service for SAEAUT SNMP OPC Server application

Enabling Smart Card Logon for Linux Using Centrify Suite

Defender Desktop Login GrIDsure Token User Guide

Certificate Management

Dealing with Event Viewer

vsec:cms S-Series Introduction Release Notes Release April 27 th, 2018

Symantec Managed PKI. Integration Guide for ActiveSync

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP

ms-help://ms.technet.2004apr.1033/ad/tnoffline/prodtechnol/ad/windows2000/howto/mapcerts.htm

YubiKey Smart Card Minidriver User Guide. Installation and Usage YubiKey 4, YubiKey 4 Nano, YubiKey 4C, YubiKey 4C Nano, YubiKey NEO, YubiKey NEO-n

The information in this document is based on these software and hardware versions:

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server

Verizon Registration Process:

Enabling Smart Card Logon for Mac OS X Using Centrify Suite

VMware AirWatch Certificate Authentication for EAS with ADCS

This PDF Document was generated for free by the Aloaha PDF Suite If you want to learn how to make your own PDF Documents visit:

User Documentation for "NFC CSP Light" Version 1.0

For my installation, I created a VMware virtual machine with 128 MB of ram and a.1 GB hard drive (102 MB).

How to Configure the RSA Authentication Manager

RB-1 PIN Pad Token. QUICK Reference

Module 3 Remote Desktop Gateway Estimated Time: 90 minutes

How to Integrate RSA SecurID with the Barracuda Web Application Firewall

Fingerprint Authentication Guide

Barracuda Networks SSL VPN

VMware AirWatch Integration with SecureAuth PKI Guide

VMware AirWatch: Directory and Certificate Authority

Troubleshooting smart card logon authentication on active directory

Configure Outlook to use port 587 with authentication

GlobalMeet Audio for Skype for Business. Administrator Guide

Product Documentation

Comodo Device Manager Software Version 4.0

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: November 10, 2011

Verizon Registration Process:

Nimsoft Service Desk. Single Sign-On Configuration Guide. [assign the version number for your book]

Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop

Workspace ONE UEM Integration with RSA PKI. VMware Workspace ONE UEM 1810

AirWatch Mobile Device Management

Configuring Windows 7 VPN (Agile) Client for authentication to McAfee Firewall Enterprise v8. David LePage - Enterprise Solutions Architect, Firewalls

YubiKey Smart Card Minidriver User Guide. Installation and Usage YubiKey 4, YubiKey 4 Nano, YubiKey 4C, YubiKey 4C Nano, YubiKey NEO, YubiKey NEO-n

BitLocker: How to enable Network Unlock

Guide Installation and User Guide - Linux

PEAP under Cisco Unified Wireless Networks with ACS 4.0 and Windows 2003

VMware AirWatch Integration with RSA PKI Guide

Reference Card: How to connect Windows 7 to UniWireless

McAfee Endpoint Encryption

Integration Guide. SafeNet Authentication Manager. SAM using RADIUS Protocol with Microsoft DirectAccess

Mobile-911 Server - Mandatory Upgrade. For Enterprise Edition Users. September 3 rd, 2014 ***** ACTION REQUIRED *****

ms-help://ms.technet.2004apr.1033/win2ksrv/tnoffline/prodtechnol/win2ksrv/howto/efsguide.htm

Integration Guide. SafeNet Authentication Client. Using SAC CBA for VMware Horizon 6 Client

Microsoft Windows Encrypting File System (EFS) Certificate Migration from XP to VISTA (also works with Windows 7) Instruction Guide

GlobalSign Enterprise Solutions

Secure Lightweight Activation and Lifecycle Management

Table of Contents. VMware AirWatch: Technology Partner Integration

Table of Contents HOL-1757-MBL-6

Certificate Enrollment- and Signing Services for the Cloud. A behind-the-scenes presentation of a successful cooperation between

Remote Access. Application Viewer User Guide

Wavecrest Certificate SHA-512

Integration Guide. Eduroam

SecurEnvoy Microsoft Server Agent

HyperPKI Manager User Guide For the HYP2003 PKI Token (Windows Version)

Pulse Secure Client for Chrome OS

How to Install Enterprise Certificate Authority on a Windows 2008 Server

Cyber Ark Software Ltd Sensitive Information Management Suite

Product Documentation

INFORMATION TECHNOLOGY COMMITTEE ESCB-PKI PROJECT

etoken Integration Guide etoken and ISA Server 2006

SafeNet Authentication Client

Microsoft Network Device Enrollment Service

About the Citrix Usage Collector (versions 1.0 and 1.0.1)

SafeNet Authentication Client

Transcription:

Windows Smart Card Logon Use Case Issue Smart Card Logon versasec.com 1(13)

Table of Contents Windows Smart Card Logon Use Case... 3 Step 1 Configuring a Windows Smart Card Logon Template... 3 Step 2 Configuring Card Template... 4 Step 3 Issue Smart Card Token... 11 Step 4 Perform Windows Smart Card Logon... 13 Issue Smart Card Logon versasec.com 2(13)

Windows Smart Card Logon Use Case Before beginning this article, it is necessary that you have successfully completed the article Install and Issuing your first Full Feature Operator Card. Follow the instructions in this article to setup and configure the S-Series such that it will be possible to issue and manage a smart card token to be used for Windows smart card logon. Note: The PKI used in this example use case will be an MS CA. Note: The smart card type that will be managed in this use case will be a generic mini-driver smart card token. Step 1 Configuring a Windows Smart Card Logon Template 1. From Windows open MMC. 2. Click the File Add/Remove snap in and add Certificate Templates and Certification Authority for your local computer and click OK. Issue Smart Card Logon versasec.com 3(13)

3. Click Certificate Templates and right click the Smart Card Logon template and click Duplicate Template. Then click the General tab and enter a new name for this template under Template display name. Go to the Issuance Requirements tab and ensure that The number of authorised signatures is set to 1, and the Application policy is set to Certificate Request Agent click Apply and click OK to exit. 4. Go to Certification Authority (Local), Your Certification Authority, and right click on Certificate Templates. Choose New, Certificate Template to Issue and choose the template you just configured and click OK. Step 2 Configuring Card Template 1. Navigate to Options - Smart Cards page. When the page is loaded attach the smart card token that is to be issued with the S-Series. The S-Series will filter the card type and present the smart card template available in the S-Series. Issue Smart Card Logon versasec.com 4(13)

2. Select the entry and click Edit. For Smart Card Access ensure that Use minidriver if possible is selected and click Save. 3. From Templates - Card Templates click the Add button. Issue Smart Card Logon versasec.com 5(13)

4. Click the Edit link for General. 5. Enter a template name and attach the smart card token that is to be issued and click the Detect button to allow the S-Series to detect the smart card token type that is to be used for this card template. Click Ok to close the dialog. Issue Smart Card Logon versasec.com 6(13)

6. Allow all other default settings in the General dialog and click Ok to save the settings and close this dialog. 7. Click the Edit link for Issue Card. Issue Smart Card Logon versasec.com 7(13)

8. From User ID Options section enable Assign User ID and select the AD connection already configured. Issue Smart Card Logon versasec.com 8(13)

9. From Enroll Certificate Options section enable Enroll certificate(s) and click the Add button. Select the CA connection already configured from the Certificate Authority drop down list and select the smart card logon certificate template as configured on your CA from the Certificate template list and click Ok to save and close the dialog. 10. Allow all other defaults for the Issue Card dialog and click Ok to save and close. Issue Smart Card Logon versasec.com 9(13)

11. Click Ok to save and close the card template configuration. Issue Smart Card Logon versasec.com 10(13)

Step 3 Issue Smart Card Token 1. From the Lifecycle page attach the smart card token that is to be issued and click the Issued oval. Select the card template from the Select card template drop-down list and click the Execute button. 2. Enter the Operator token PIN (Passcode) code when prompted. 3. Select a user from AD that the smart card token is to be issued to. Issue Smart Card Logon versasec.com 11(13)

4. When the issuance completes a message dialog indicating that an authentication key has been added to the S-Series will appear followed by a short summary dialog with details on what operations have been performed. The smart card token is now in an Issued state as can be seen from the process diagram. By default, the smart card PIN will be blocked so it will be necessary to unblock the smart card. Typically, the person who will use this smart card will set the PIN code on the smart card. 5. Click the Active oval and click the Execute button. 6. Enter the Operator token PIN (Passcode) code when prompted. 7. Enter the PIN code that will be set on the smart card token. Click Initiate to set the PIN code on the smart card and make it active. Issue Smart Card Logon versasec.com 12(13)

8. A summary dialog will appear. Click Ok to close. Step 4 Perform Windows Smart Card Logon On a Windows system connected to the domain attach the smart card token and enter the smart card PIN code created earlier to logon. This completes the use case. Issue Smart Card Logon versasec.com 13(13)

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback