Prijava v domenske računalnike Windows z MS Active Directory#

  1. Prenesite in namestite najnovejši OpenSC.

  2. Use a text editor to add the following settings to C:\Program Files:\OpenSC Project\OpenSC\opensc.conf.

    # Nitrokey Pro 2, OpenPGP Card, Nitrokey Storage 2
    card_atr 3b:da:18:ff:81:b1:fe:75:1f:03:00:31:f5:73:c0:01:60:00:90:00:1c  {
            type = 9002;
            driver = "openpgp";
            # name = "Nitrokey Pro 2";
            md_read_only = false;
            md_supports_X509_enrollment = true;
    }
    # Nitrokey Pro, OpenPGP Card
    card_atr 3B:DA:18:FF:81:B1:FE:75:1F:03:00:31:C5:73:C0:01:40:00:90:00:0C {
            type = 9002;
            driver = "openpgp";
            # name = "Nitrokey Pro";
            md_read_only = false;
            md_supports_X509_enrollment = true;
    }
    # Nitrokey HSM 2, SmartCard-HSM
    card_atr 3b:de:18:ff:81:91:fe:1f:c3:80:31:81:54:48:53:4d:31:73:80:21:40:81:07:1c {
            type = 26000;
            driver = "sc-hsm";
            # name = "Nitrokey HSM 2";
            md_read_only = false;
            md_supports_X509_enrollment = true;
    }
    # Nitrokey HSM, SmartCard-HSM
    card_atr 3B:FE:18:00:00:81:31:FE:45:80:31:81:54:48:53:4D:31:73:80:21:40:81:07:FA {
            type = 26000;
            driver = "sc-hsm";
            # name = "Nitrokey HSM";
            md_read_only = false;
            md_supports_X509_enrollment = true;
    }
    
  3. Odprite ukazni terminal in vnesite „regedit“. S programom regedit uvozite to datoteko.

  4. Zdaj lahko za svoje uporabnike, ki jih upravljate v Microsoftovem imeniku Active Directory, vpišete Nitrokeys. Uporabite lahko Microsoftov PKI, gpgsm ali Smart Policy. V naslednjih korakih je opisana uporaba pametne politike.

  5. Prenesite in namestite program Smart Policy.

  6. Izberite „Preberite pametno kartico“.

    Img1
  7. Izberite potrdilo, preslikavo in uporabnika.

    Img2
  8. Preverite stanje naprave prek seznama CRL.

    Img3
  9. Izberite objekt skupinske politike (GPO).

    Img4
  10. Potrdite uporabo preslikave.

Img5

Od zdaj naprej morate ob prijavi v računalnik Windows povezati ključ Nitrokey in vnesti kodo PIN.

Img6