Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
This section defines the settings of actions using a smart card within the frame of smart card usage policy.
| Option | Description | Default value | ||||
|---|---|---|---|---|---|---|
| Add card automatically | Add the smart card to the system (if it wasn’t added earlier) when issued or assigned to user. If the option is disabled, then it is prohibited to issue or assign the card that is connected to a computer but not added to the system. | Disabled | ||||
| Enable PIN reset | Enables the administrator to reset PIN of user smart cards. | Enabled | ||||
| Enable offline unlock | Makes it possible to unlock a user smart card with system administrator assistance when there is no connection between the user workstation and Indeed CM Axidian CertiFlow server. An additional condition for unlocking the smart card is checking the answers to security questions (Validate answers to security questions option) set by the user in the self-service. | Enabled | ||||
| Enable cancel of card updating | Allows the Indeed CM administrator or operator to cancel updating of the user smart card contents. | Enabled | ||||
| User can add card | This option allows to issue a card, not yet added to the system. The card will be added to the system automatically while issuing. The option is available only if the Add card automatically option is enabled. | Disabled | ||||
| User can assign card | This option allows to issue a smart card, not assigned to the user by the administrator. | Disabled | ||||
| User can revoke card | This option allows the user to revoke their smart card. | Enabled | ||||
| User can enable card | This option allows user to enable their smart card (if it was disabled earlier). | Enabled | ||||
| User can disable card | This option allows the user to disable their smart card (if it was enabled earlier). | Enabled | ||||
| User can clear card | This option allows the user to clear up the contents of their smart card when it is revoked by an operator with Card removal and Card update reasons. The smart card remains assigned to the user after clearing. | Disabled | ||||
| User can reset PIN | The user is allowed to reset PIN of their smart card. | Disabled | ||||
| User can update card | This option allows the user to update certificates on their smart card if they expired or expire shortly. | Enabled | ||||
| User can select optional certificates when issuing card | If enabled, the user can select the certificates (from the optional ones) to be written to the smart card, while issuing it in the Self-Service applicationusers can write optional certificates when issuing a card in Self-Service. If disabled, users cannot write optional certificates to a card. | Disabled | ||||
| User can select optional certificates when updating card | then the certificates marked as optional in the smart card issuing policy, would not be written to the card. | Disabled | users cannot write optional certificates to a card.
| |||
| User can issue AirCardUser can issue AirKey card | If enabled, the users can issue AirCards in Self-Service application on their own. AirCard issuance is only possible if integration with Axidian AirCard Enterprise is set up. | Disabled | ||||
| User must answer the security questions on first logon to self-service | If enabled, the user must define security questions and answers to those after logging into Self-Service application for the first time. These questions will be used for user authentication later. If disabled, then the form for security question setup is not displayed upon logging into Self-Service. A user can define the security questions later at any time. | Enabled | ||||
| User can change the answers to security questions | If enabled, the users can change the answers to security questions after they define into Self-Service application. If disabled, users will not be able to change answers to security questions after they are installed into Self-Service application. Administrators and operators can reset answers to secret questions for later installation by users. | Disabled | ||||
| Enable certificate tracing | If enabled, Axidian CertiFlow detects certificates and private keys if there are any on a new smart card. You can be notified about expiring certificates. To get notifications, create Traced certificates expiring notification foradministrator Administratorand Useruser on Notifications tab. You can print out traced certificates in Management Console and in Self-Service with a default certificate printing template. If you need toTo log information on traced certificates, select Add traced certificates to custom logs.
| Disabled |
...