Whats New
Introduction
Installation
ESC
Preboot
PIM
Doc Manager
KTM
Uninstall
Supplementary Info
Glossary
Troubleshoting
Online Resources
Tech Support

Enter a word or phrase into the table below to search the knowledgebase.
 
Previous    I    Next    I    EMBASSY Security Center    >    Authentication Types & User Enrollment

3.4.4 Steps to Enroll/Update TPM
  1. Start the EMBASSY Security Center and select Windows Login.

  2. Go to the User Enrollment section and select the Enroll/Update TPM button (as shown in Figure 3.30).


    3. Figure 3.30: ESC - Select the Enroll/Update TPM

    Note: Only a Domain Administrator will have access to Enroll/Update TPM. If the Enroll/Update TPM button is inactive, it's because you 1st need to install a digital certificate.

  3. Selecting the Enroll/Update TPM will launch a wizard that will guide you through creating a TPM-based certificate and enrolling users for TPM-based authentication (see Figure 3.31).


    4. Figure 3.31: TPM-based PKI Enrollment Wizard
  4. Press Next, then the Select User and Domain to Enroll dialog box will be displayed (see Figure 3.32)

  5. Press the Select User button; this will display the window shown in Figure 3.33.


    6. Figure 3.32: TPM-based PKI Enrollment Wizard - Select User


    Figure 3.33: TPM-based PKI Enrollment Wizard - Enter Userid
  6. Press Location to verify the location and press Check Names to verify it's a valid user id (see Figure 3.34). Then Press OK.


    7. Figure 3.34: TPM-based PKI Enrollment Wizard - Enter Userid
  7. Figure 3.35 shows the information of the userid and domain entered in the Select User and Domain to enroll window. Verify information, you can make corrections by pressing Back, otherwise press Next to continue.


    8. Figure 3.35: TPM-based PKI Enrollment Wizard - User to enroll selected


    Figure 3.36: TPM-based PKI Enrollment Wizard - Create Key
  8. Then next step is to create the password that the user will use to login, see Figure 3.36, then press OK.

  9. Once the password has been created, you need to associate the password with the Digital certificate of authority that was previously installed on the computer. See Figure 3.37, enter the name of the server where you obtained your certificate of authority, then press Next.

  10. Figure 3.38 shows that it's building a certificate request, once the request has been build it will prompt you to enter the password you just created (see Figure 3.39), enter the password and press OK.


    11. Figure 3.37: TPM-based PKI Enrollment Wizard - CA Selection


    Figure 3.38: TPM-based PKI Enrollment Wizard - Building Certificate Request


    Figure 3.39: TPM-based PKI Enrollment Wizard - Enter password
  11. Figure 3.40 shows that it's accepting the certificate, once that step has completed successfully, you would have successfully enrolled your user, see Figure 3.41.

    12. Note: To enroll additional users you will repeat the steps just performed.


    Figure 3.40: TPM-based PKI Enrollment Wizard - Accepting Certificate


    Figure 3.41: TPM-based PKI Enrollment Wizard - Enrollment Complete
Previous    I    Next    I    Top    I    EMBASSY Security Center    >    Authentication Types & User Enrollment