5.3. Enrolling a Smart Card Automatically

Because the Enterprise Security Client is configured using the Phone Home feature, enrolling a smart card is extremely easy: the information needed to contact the backend TPS server is provided with each smart card, so the user is guided quickly through the procedure.
To enroll an uninitialized smart card:

NOTE

This procedure assumes that the smart card is uninitialized and the appropriate Phone Home information has been configured.
  1. Ensure that the Enterprise Security Client is running.
  2. Insert an uninitialized smart card, pre-formatted with the Phone Home information for the TPS and the enrollment interface URL for the user's organization.
    The smart card can be added either by placing a USB form factor smart card into a free USB slot, or by inserting a standard, full-sized smart card into a smart card reader.
    When the system recognizes the smart card, it displays a message indicating it has detected an uninitialized smart card.
  3. Click Enroll My Smart Card Now to display the smart card enrollment form.

    NOTE

    If you remove the card at this point, a message displays stating that the smart card can no longer be detected. Reinsert the card to continue with the enrollment process.
    The enrollment files are accessed remotely; they reside on the TPS instance. If the network connection is bad or broken, an error may appear saying Check the Network Connection and Try Again. It is also possible that the enrollment window appears to open but the enrollment process does not proceed. The enrollment pages can be cached if the Enterprise Security Client previously connected to them successfully, so the enrollment UI opens even if the network is offline. Try restarting the Enterprise Security Client and check the network connection.
  4. Because the Smart Card Manager now knows where the enrollment UI is located (it is included in the Phone Home information), the enrollment form is displayed for the user to enter the required information.
    This illustration shows the default enrollment UI included with the TPS server. This UI is a standard HTML form, which you can customize to suit your own deployment requirements. This could include adding a company logo or adding and changing field text.
  5. The sample enrollment UI requires the following information for the TPS server to process the smart card enrollment operation:
    • LDAP User ID. This is the LDAP user ID of the user enrolling the smart card; this can also be a screen name or employee or customer ID number.
    • LDAP Password. This is the password corresponding to the user ID entered; this can be a simple password or a customer number.

      NOTE

      The LDAP user ID and password are related to the Directory Server user. The TPS server is usually associated with a Directory Server, which stores user information and through which the TPS authenticates users.
      Passwords must conform to the password policy configured in the Directory Server.
    • Password and Re-Enter Password. These fields set and confirm the smart card's password, used to protect the card information.
  6. After you have entered all required information, click Enroll My Smart Card to submit the information and enroll the card.
  7. When the enrollment process is complete, a message page opens which shows that the card was successfully enrolled and can offer custom instructions on using the newly-enrolled smart card.

 
 
  Published under the terms of the Creative Commons License