Configuring logon mode
There are two ways for end users of logging on with a token. A combination of both logon methods is possible.
Logging on with user ID/password
-
Logging on with token
When logging on with token/smartcard, you can either select the non-cryptographic method or the Kerberos (cryptographic) method.
As a security officer, you specify the logon mode to be used in a policy of the type Authentication.
If you select the token logon option Kerberos:
- You need to issue a certificate in a PKI and store it on the token. This certificate is imported as a user certificate into the SafeGuard Enterprise Database. If an automatically generated certificate already exists in the database, it is replaced by the imported certificate.