Configuring logon mode

There are two ways for end users of logging on with a token. A combination of both logon methods is possible.

• Logging on with user ID/password

• Logging on with token

  When logging on with token/smartcard, you can either select the non-cryptographic method or the Kerberos (cryptographic) method.

As a security officer, you specify the logon mode to be used in a policy of the type Authentication.

If you select the token logon option Kerberos:

• You need to issue a certificate in a PKI and store it on the token. This certificate is imported as a user certificate into the SafeGuard Enterprise Database. If an automatically generated certificate already exists in the database, it is replaced by the imported certificate.