|Tokens and smartcards / Configuring logon mode|
A default token PIN that is distributed by policy enables automatic user logon at the SafeGuard Power-on Authentication. This avoids the need to issue each single token separately and enables users to automatically log on at the SafeGuard Power-on Authentication without any user interaction.
When a token is used at logon and a default PIN is assigned to the computer, the user is passed through at the SafeGuard Power-on Authentication without having to enter a PIN.
As a security officer you can set the specific PIN in a policy of the type Authentication and assign it to different computers or computer groups, for example to all computers residing in the same location.
To enable autologon with a default token PIN:
If you want to enable the Pass through to Windows option, you can later create another policy of the type Authentication with this option enabled and assign it to the same computer group, so that the RSOP has both policies active.
If the autologon on the endpoint has been successful, Windows is started.
If the autologon on the endpoint has failed, the user is prompted to enter the token PIN at the SafeGuard Power-on Authentication.