Whats New
Introduction
Installation
ESC
Preboot
PIM
Doc Manager
KTM
Uninstall
Supplementary Info
Glossary
Troubleshoting
Online Resources
Tech Support

Enter a word or phrase into the table below to search the knowledgebase.
 
Previous    I    Next    I    EMBASSY Security Center    >    Authentication Types & User Enrollment

3.4.5 Steps to Enroll/Update Smart Card
  1. Start the EMBASSY Security Center and select Windows Login.

  2. Go to the User Enrollment section and select the Enroll/Update SmartCard button (as shown in Figure 3.60), this launches a simple wizard that will guide you through generating a certificate and enrolling users for SmartCard authentication (see Figure 3.61).


    3. Figure 3.60: ESC - Select the Enroll/Update SmartCard

    Note: Only a Domain Administrator will have access to Enroll/Update SmartCard. If the Enroll/Update SmartCard button is inactive, it's because you 1st need to install a digital certificate.


    Figure 3.61: SmartCard based PKI Enrollment Wizard
  3. Press Next, then the Select User and Domain to Enroll dialog box will be displayed (see Figure 3.62)


    4. Figure 3.62: Select user and Domain to Enroll
  4. Press the Select User button; this will display the window shown in Figure 3.63.


    5. Figure 3.63: SmartCard-based PKI Enrollment Wizard - Select user
  5. On the Select user dialog (Figure 3.63) you press Location to verify the location and press Advanced to select a valid user id (see Figure 3.64). Then Press OK.

  6. This will display the dialog screen shown in Figure 3.65, verify that you have selected correct location and user id, and then press OK.


    7. Figure 3.64: Select User - Advanced


    Figure 3.65: Select User - user selected


    Figure 3.66: SmartCard-based PKI Enrollment Wizard - user selected
  7. Figure 3.66 above shows the information of the userid and domain entered in the Select User and Domain to enroll window. Verify information, you can make corrections by pressing Back, otherwise press Next to continue.

  8. Once you have selected a user, you now need to associate that user with a smart card and the Digital certificate of authority that was previously installed on the computer. On Figure 3.67, you will be prompted to enter the name of the server where you obtained your certificate of authority, then press Next.

  9. Now you will be prompted to select the type of SmartCard that you will be using to authenticate, select one from the list (see Figure 3.68), then press Next.


    10. Figure 3.67: SmartCard-based PKI Enrollment - Certification Authority Selection


    Figure 3.68: Select Smart Card CSP


    Figure 3.69: SmartCard-based PKI Enrollment Wizard - Verify Information
  10. Once you have chosen the type of SmartCard reader that you will be using, the Verify Information screen will be displayed. See Figure 3.69, you will now have the opportunity to verify the information you have selected, if any of the information is incorrect you may press go Back to make the necessary corrections. If the information is correct then press Next to continue.

  11. Now the SmartCard gets configured with the information shown in Figure 3.69. You will now be prompted to enter the SmartCard PIN information, see Figure 3.70. Enter the PIN number and then press OK.

  12. Figure 3.71, 3.72 and 3.73 show the process the wizard is taking to configure the smart card, it first generates the keys, then it requests the certificate and then it accepts and installs the information into the SmartCard. Once it has completed these steps, you have successfully enrolled a SmartCard for a user (see Figure 3.74).

  13. To enroll/update additional SmartCards you must go back to step 2.


    Figure 3.70: SmartCard Pin configuration



    Figure 3.71: SmartCard-based PKI Enrollment - Generating SmartCard Keys



    Figure 3.72: SmartCard-based PKI Enrollment - Requesting Certificate



    Figure 3.73: SmartCard-based PKI Enrollment Wizard - Accepting Certificate



    Figure 3.74: SmartCard-based PKI enrollment wizard - Enrollment Successful
Previous    I    Next    I    Top    I    EMBASSY Security Center    >    Authentication Types & User Enrollment