Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
This section defines the settings of actions using a smart card within the frame of smart card usage policy. The description of section parameters is given in the Table 4.
Table 4 – Settings of smart card actions.
Option | Description | Default value | ||||
---|---|---|---|---|---|---|
Add card automatically | Add the smart card to the system (if it wasn’t added earlier) when issued or assigned to user. If the option is disabled, then it is prohibited to issue or assign the card that is connected to a computer but not added to the system. | Disabled | ||||
Enable PIN reset | Enables the administrator to reset PIN codes of user smart cards. | Enabled | ||||
Enable offline unlock | Makes it possible to unlock a user smart card with system administrator assistance when there is no connection between the user workstation and Indeed CM Axidian CertiFlow server. To unlock his or her smart card, the user must know answers to the security questions. Validation of An additional condition for unlocking the smart card is checking the answers to security questions for smart card unlocking can be disabled if necessary (Validate answers to security questions option) set by the user in the self-service. | Enabled | ||||
Enable cancel of card updating | Allows the Indeed CM administrator or operator to cancel updating of the user smart card contents. | Enabled | ||||
User can add card | This option allows to issue a card, not yet added to the system. The card will be added to the system automatically while issuing. The option is available only if the Add card automatically option is enabled. | Disabled | ||||
User can assign card | This option allows to issue a smart card, not assigned to the user by the administrator. | Disabled | ||||
User can revoke card | This option allows the user to revoke his or her their smart card. | Enabled | ||||
User can enable card | This option allows user to enable his or her their smart card (if it was disabled earlier). | Enabled | ||||
User can disable card | This option allows the user to disable his or her their smart card (if it was enabled earlier). | Enabled | ||||
User can clear card | This option allows the user to clear up the contents of his or her their smart card when it is revoked by an operator with Card removal and Card update reasons. The smart card remains assigned to the user after clearing. | Disabled | ||||
User can reset PIN | The user is allowed to reset PIN code of his or her their smart card. | Disabled | ||||
User can update card | This option allows the user to update certificates on his or her their smart card if they expired or expire shortly. | Enabled | ||||
User can select optional certificates when issuing card | If enabled, the user can select the certificates (from the optional ones) to be written to the smart card, while issuing it in the Self Service applicationusers can write optional certificates when issuing a card in Self-Service. If disabled, users cannot write optional certificates to a card. | Disabled | ||||
User can select optional certificates when updating card | then the certificates marked as optional in the smart card issuing policy, would not be written to the card. | Disabled | users cannot write optional certificates to a card.
| |||
User can issue AirCardUser can issue AirKey card | If enabled, the users can issue AirCards in Self-Service application on their own. AirCard issuance is only possible if integration with Axidian AirCard Enterprise is set up. | Disabled | ||||
User must answer the security questions on first logon to self-service | If enabled, the user must define security questions and answers to those after logging into Self-Service application for the first time. These questions will be used for user authentication later. If disabled, then the form for security question setup is not displayed upon logging into Self-Service. A user can define the security questions later at any time. | Enabled | ||||
User can change the answers to security questions | If enabled, the users can change the answers to security questions after they define into Self-Service application. If disabled, users will not be able to change answers to security questions after they are installed into Self-Service application. Administrators and operators can reset answers to secret questions for later installation by users. | Disabled | ||||
Enable certificate tracing | If enabled, Axidian CertiFlow detects certificates and private keys if there are any on a new smart card. You can be notified about expiring certificates. To get notifications, create Traced certificates expiring notification for administrator and user on Notifications tab. You can print out traced certificates in Management Console and in Self-Service with a default certificate printing template. To log information on traced certificates, select Add traced certificates to custom logs.
| Disabled |