Sisselogimine Windowsi domeeniarvutitesse MS Active Directoryga#

  1. Laadige alla ja installige uusim OpenSC.

  2. Use a text editor to add the following settings to C:\Program Files:\OpenSC Project\OpenSC\opensc.conf.

    # Nitrokey Pro 2, OpenPGP Card, Nitrokey Storage 2
    card_atr 3b:da:18:ff:81:b1:fe:75:1f:03:00:31:f5:73:c0:01:60:00:90:00:1c  {
            type = 9002;
            driver = "openpgp";
            # name = "Nitrokey Pro 2";
            md_read_only = false;
            md_supports_X509_enrollment = true;
    }
    # Nitrokey Pro, OpenPGP Card
    card_atr 3B:DA:18:FF:81:B1:FE:75:1F:03:00:31:C5:73:C0:01:40:00:90:00:0C {
            type = 9002;
            driver = "openpgp";
            # name = "Nitrokey Pro";
            md_read_only = false;
            md_supports_X509_enrollment = true;
    }
    # Nitrokey HSM 2, SmartCard-HSM
    card_atr 3b:de:18:ff:81:91:fe:1f:c3:80:31:81:54:48:53:4d:31:73:80:21:40:81:07:1c {
            type = 26000;
            driver = "sc-hsm";
            # name = "Nitrokey HSM 2";
            md_read_only = false;
            md_supports_X509_enrollment = true;
    }
    # Nitrokey HSM, SmartCard-HSM
    card_atr 3B:FE:18:00:00:81:31:FE:45:80:31:81:54:48:53:4D:31:73:80:21:40:81:07:FA {
            type = 26000;
            driver = "sc-hsm";
            # name = "Nitrokey HSM";
            md_read_only = false;
            md_supports_X509_enrollment = true;
    }
    
  3. Avage käsurea ja sisestage „regedit“. Kasutage regedit’i, et importida see fail.

  4. Nüüd saate registreerida Nitrokeys oma kasutajate jaoks, keda hallatakse Microsoft Active Directory’s. Võite kasutada kas Microsoft PKI-d, gpgsm või Smart Policy. Järgnevad sammud kirjeldavad Smart Policy kasutamist.

  5. Ladige alla ja installige Smart Policy.

  6. Valige „Loe kiipkaarti“

    img1
  7. Valige sertifikaat, kaardistus ja kasutaja.

    img2
  8. Kontrollige seadme olekut CRLi kaudu.

    img3
  9. Valige grupipoliitika objekt (GPO).

    img4
  10. Kinnitage kaardistamise kohaldamine.

img5

Nüüdsest alates peate oma Windowsi arvutisse sisselogimisel ühendama Nitrokey ja sisestama oma PIN-koodi.

img6