Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This section defines the settings of actions using a smart card within the frame of smart card usage policy. The description of section parameters is given in the Table 4.

Table 4 – Settings of smart card actions.

OptionDescriptionDefault value
Add card automaticallyAdd the smart card to the system (if it wasn’t added earlier) when issued or assigned to user. If the option is disabled, then it is prohibited to issue or assign the card that is connected to a computer but not added to the system.Disabled
Enable PIN resetEnables the administrator to reset PIN codes of user smart cards.Enabled
Enable offline unlock

Makes it possible to unlock a user smart card with system administrator assistance when there is no connection between the user workstation and Indeed CM Axidian CertiFlow server.

To unlock his or her smart card, the user must know answers to the security questions. Validation of An additional condition for unlocking the smart card is checking the answers to security questions for smart card unlocking can be disabled if necessary (Validate answers to security questions option) set by the user in the self-service.

Enabled
Enable cancel of card updatingAllows the Indeed CM administrator or operator to cancel updating of the user smart card contents.Enabled
User can add cardThis option allows to issue a card, not yet added to the system. The card will be added to the system automatically while issuing. The option is available only if the Add card automatically option is enabled.Disabled
User can assign cardThis option allows to issue a smart card, not assigned to the user by the administrator.Disabled
User can revoke cardThis option allows the user to revoke his or her their smart card.Enabled
User can enable cardThis option allows user to enable his or her their smart card (if it was disabled earlier).Enabled
User can disable cardThis option allows the user to disable his or her their smart card (if it was enabled earlier).Enabled
User can clear cardThis option allows the user to clear up the contents of his or her their smart card when it is revoked by an operator with Card removal and Card update reasons. The smart card remains assigned to the user after clearing.Disabled
User can reset PINThe user is allowed to reset PIN of his or her their smart card.Disabled
User can update cardThis option allows the user to update certificates on his or her their smart card if they expired or expire shortly.Enabled
User can select optional certificates when issuing card

If enabled, the user can select the certificates (from the optional ones) to be written to the smart card, while issuing it in the Self-Service applicationusers can write optional certificates when issuing a card in Self-Service.

If disabled, users cannot write optional certificates to a card.

Disabled
User can select optional certificates when updating card

If enabled, users can write optional certificates when updating a card in Self-Service.

If disabled,

then the certificates marked as optional in the smart card issuing policy, would not be written to the card.
Disabled

users cannot write optional certificates to a card.

Tip

You can set an alert message to appear in the optional certificates selection window when users issue or update a card. Enter your text in the Message text when users select optional certificates field.


User can issue AirCardUser can issue AirKey card


If enabled, the users can issue

AirKey cards

AirCards in Self-Service application on their own.

AirKey card

AirCard issuance is only possible if integration with

с Indeed AirKey

Axidian AirCard Enterprise is set up.

Disabled
User must answer the security questions on first logon to self-service

If enabled, the user must define security questions and answers to those after logging into Self-Service application for the first time. These questions will be used for user authentication later.

If disabled, then the form for security question setup is not displayed upon logging into Self-Service. A user can define the security questions later at any time.

Enabled
User can change the answers to security questions

If enabled, the users can change the answers to security questions after they define into Self-Service application.

If disabled, users will not be able to change answers to security questions after they are installed into Self-Service application. Administrators and operators can reset answers to secret questions for later installation by users.

Disabled
Enable certificate tracing

If enabled,

the Indeed CM will search for

Axidian CertiFlow detects certificates and

corresponding

private keys

on the

if there are any on a new smart card.

The Indeed CM can send corresponding email notifications when such certificates are about to expire. In the

You can be notified about expiring certificates. To get notifications, create Traced certificates expiring notification for administrator and user on Notifications tab.

You can print out traced certificates in Management Console and in

the

Self-Service

application, it is possible to print traced certificates using the standard certificate print template in the system

with a default certificate printing template.

To log information on traced certificates, select Add traced certificates to custom logs.


Tip

Add traced certificates to custom logs option is available if you activate Custom Log in Common features of Axidian CertiFlow Configuration Wizard.


Disabled