Sisselogimine Windowsi domeeniarvutitesse MS Active Directoryga

1. Laadige alla ja installige uusim OpenSC.

2. Kasutage tekstiredaktorit, et lisada järgmised seaded aadressile C:\Program Files:\OpenSC Project\OpenSC\opensc.conf.

# Nitrokey Pro 2, OpenPGP Card, Nitrokey Storage 2
card_atr 3b:da:18:ff:81:b1:fe:75:1f:03:00:31:f5:73:c0:01:60:00:90:00:1c  {
    type = 9002;
    driver = "openpgp";
    # name = "Nitrokey Pro 2";
    md_read_only = false;
    md_supports_X509_enrollment = true;
}
# Nitrokey Pro, OpenPGP Card
card_atr 3B:DA:18:FF:81:B1:FE:75:1F:03:00:31:C5:73:C0:01:40:00:90:00:0C {
    type = 9002;
    driver = "openpgp";
    # name = "Nitrokey Pro";
    md_read_only = false;
    md_supports_X509_enrollment = true;
}
# Nitrokey HSM 2, SmartCard-HSM
card_atr 3b:de:18:ff:81:91:fe:1f:c3:80:31:81:54:48:53:4d:31:73:80:21:40:81:07:1c {
    type = 26000;
    driver = "sc-hsm";
    # name = "Nitrokey HSM 2";
    md_read_only = false;
    md_supports_X509_enrollment = true;
}
# Nitrokey HSM, SmartCard-HSM
card_atr 3B:FE:18:00:00:81:31:FE:45:80:31:81:54:48:53:4D:31:73:80:21:40:81:07:FA {
    type = 26000;
    driver = "sc-hsm";
    # name = "Nitrokey HSM";
    md_read_only = false;
    md_supports_X509_enrollment = true;
}

3. Avage käsurea ja sisestage „regedit“. Kasutage regedit’i, et importida see fail.

4. Nüüd saate registreerida Nitrokeys oma kasutajate jaoks, keda hallatakse Microsoft Active Directory’s. Võite kasutada kas Microsoft PKI-d, gpgsm või Smart Policy. Järgnevad sammud kirjeldavad Smart Policy kasutamist.

5. Ladige alla ja installige Smart Policy.

6. Valige „Loe kiipkaarti“

7. Valige sertifikaat, kaardistus ja kasutaja.

8. Kontrollige seadme olekut CRLi kaudu.

9. Valige grupipoliitika objekt (GPO).

10. Kinnitage kaardistamise kohaldamine.

Nüüdsest alates peate oma Windowsi arvutisse sisselogimisel ühendama Nitrokey ja sisestama oma PIN-koodi.