Requirements
- Windows Hello for Business has been deployed in the infrastructure.
- The Enrolling WHfB in self-serviceWindows Hello for Business (WHfB) option is enabled in the Common features section section of the Indeed CM Setup Axidian CertiFlow Configuration Wizard.
- The card type has been added to the system configuration Whfb.xml.
- The user's workstation is equipped with the Trusted Platform Module 2.0.
- The IndeedCMThe AxidianCertiFlow.WHfB.Middleware component is installed on the workstation.
When issuing the smart card in Self-Service, the user will be suggested to Enroll WHfB or select a connected hardware smart card.
| Note |
|---|
|
After clicking the Issue button, Axidian CertiFlow will open the PIN Settings window for После нажатия кнопки Выпустить Indeed CM вызовет настройку PIN-кода для Windows Hello:
Click Нажмите Задать PIN-код (Set up PIN), введите учетные данные для основной и пользовательской (с помощью Indeed CM MFA адаптера) проверки подлинности и нажмите Submit.
Создайте PIN-код и нажмите ОК.
После успешного создания PIN-кода Indeed CM продолжит выпуск карты:
Запросит сертификаты по шаблонам добавленным в политику использования устройств
- Запишет их на устройство
- Закрепит устройство за пользователем
WHfB может использоваться как и аппаратные устройства на рабочей станции пользователя. Например, для аутентификации в домене.
, enter the credentials for basic and user authentication (using the Axidian CertiFlow MFA adapter), and click Submit.
Set up a PIN and click OK.
After successfully creating the PIN, Axidian CertiFlow will continue issuing the card:
Certificates will be requested based on templates added to the smart card usage policy.
- They will be written down on the card.
- The card will be assigned to the user.
The WHfB card can be used just like hardware smart cards on the user's workstation. For example, for authentication in a domain.
