- Created by Mikhail Yakovlev, last modified by Ilya Solovyev on Nov 09, 2022
Installation of Indeed CM Middleware
The Indeed CM Middleware components are installed at Indeed Certificate Manager operator workstations and user workstations. The Middleware components to install are selected depending on the smart card type used in the company. For example, you have to install the IndeedCM.Gemalto.Middleware component to work with Thales (Gemalto) smart cards. Similarly, for Feitian smart cards you need IndeedCM.ePass.Middleware.
Run the IndeedCM.Middleware.msi file from the Indeed CM installation package (Indeed CM.Client directory) and perform installation, following the wizard directions.
Drivers and service utilities for the smart cards and readers to be used with the Indeed CM system should be installed onto all the user workstations. This software is not a part of Indeed CM delivery scope.
Correspondence table of manufacturers, device model and client Middlewares:
| Manufacturer | Device model | Middleware |
|---|---|---|
| ACS | ACOS5-64 | IndeedCM.ACOS.Middleware |
| Bit4id | ID-One Cosmo | IndeedCM.Bit4Id.Middleware |
| CRYPTAS | TicTok V2/V3 | IndeedCM.TicTok.Middleware |
Cryptovision | ePasslet Suite v3.0, JCOP V3.0 | IndeedCM.Cryptovision.Middleware |
| Feitian | ePass2003 (A1+, A2) BioPass2003 | IndeedCM.ePass.Middleware |
| HID | Crescendo C1150 Series Crescendo C1300 Series Crescendo C2300 Series | IndeedCM.HID.Middleware |
| Indeed Identity | AirKey Network Smart Card | IndeedCM.AirKey.Middleware |
Microsoft | Local Computer Certificate Store User Certificate Store | IndeedCM.Registry.Middleware To be able to issue Registry cards through Self-Service with writing certificates to the certificates storage of the computer and/or user, configure the appropriate group policy. |
TPM Virtual Smart Card (Microsoft VSC) - Virtual Smart Card Trusted Platform Module v.2.0 | IndeedCM.TPM.Middleware | |
Windows Hello for Business (WHfB) | IndeedCM.WHfB.Middleware | |
| RSA | RSA SecurID 800 | IndeedCM.RSA.Middleware |
Thales Group (Ex SafeNet and Gemalto) | SafeNet eToken PRO 32k SafeNet eToken PRO 64k eToken PRO Java 72K OS755 SafeNet eToken 5105 SafeNet eToken 5110 IDCore30B eToken 1.7.7 | IndeedCM.eToken.Middleware |
IDPrime MD 830 IDPrime MD 840 IDPrime MD 3810 IDPrime MD 3811 | IndeedCM.Gemalto.Middleware | |
| Yubico | YubiKey 5 Series | IndeedCM.YubiKey.Middleware |
Installation of Indeed CM Client Tools
Indeed CM Client Tools is the component for unlocking the smart cards used for Windows authentication, both in online and offline mode and for unlocking the smart cards not used to login to the operating system.
Run the IndeedCM.ClientTools.msi file from the Indeed CM installation package (Indeed CM.Client directory) and perform installation, following the wizard directions. This component is installed to user workstations only.
Installation of Indeed CM Agent
Indeed CM Agent is an additional component of the system, its installation and configuration are performed after the deployment and configuration of Indeed Certificate Manager. This component is intended for remote management, status monitoring and control over the use of personal user authentication cards (USB tokens, smart cards). In automatic mode, using an agent at user workstations, operations are performed to lock and unlock, clean and change the cards administrator’s PIN; monitoring the cards status with recording information in the system log about the presence of locked cards in the system, connecting unregistered cards, attempts to enter an invalid PIN. If defined card usage rules are violated (say, card is connected to another user workstation), then the card or user session might be locked. The component is installed onto the workstations where the cards issued with Indeed CM are connected to.
Run the IndeedCM.Agent.msi from Indeed CM installation package (Indeed CM.Client directory) and complete the procedure, following the Wizard instructions. The Agent starts up automatically after installation.
Indeed CM Middleware, drivers and service utilities for the smart cards and readers to be used with the Indeed CM Agent should be installed onto all the user workstations.
The parameters required to connect to Indeed CM server are configured during installation via Group Policy or Windows registry.
- No labels