Prijava v domenske računalnike Windows z MS Active Directory#

(Nitrokey Storage 2 - macOS)

  1. Prenesite in namestite najnovejši OpenSC.

  2. V C:Program Files:OpenSC ProjectOpenSCopensc.conf z urejevalnikom besedila dodajte naslednje nastavitve.

# Nitrokey Pro 2, OpenPGP Card, Nitrokey Storage 2
card_atr 3b:da:18:ff:81:b1:fe:75:1f:03:00:31:f5:73:c0:01:60:00:90:00:1c  {
    type = 9002;
    driver = "openpgp";
    # name = "Nitrokey Pro 2";
    md_read_only = false;
    md_supports_X509_enrollment = true;
}
# Nitrokey Pro, OpenPGP Card
card_atr 3B:DA:18:FF:81:B1:FE:75:1F:03:00:31:C5:73:C0:01:40:00:90:00:0C {
    type = 9002;
    driver = "openpgp";
    # name = "Nitrokey Pro";
    md_read_only = false;
    md_supports_X509_enrollment = true;
}
# Nitrokey HSM 2, SmartCard-HSM
card_atr 3b:de:18:ff:81:91:fe:1f:c3:80:31:81:54:48:53:4d:31:73:80:21:40:81:07:1c {
    type = 26000;
    driver = "sc-hsm";
    # name = "Nitrokey HSM 2";
    md_read_only = false;
    md_supports_X509_enrollment = true;
}
# Nitrokey HSM, SmartCard-HSM
card_atr 3B:FE:18:00:00:81:31:FE:45:80:31:81:54:48:53:4D:31:73:80:21:40:81:07:FA {
    type = 26000;
    driver = "sc-hsm";
    # name = "Nitrokey HSM";
    md_read_only = false;
    md_supports_X509_enrollment = true;
}
  1. Odprite ukazni terminal in vnesite „regedit“. S programom regedit uvozite to datoteko.

  2. Zdaj lahko za svoje uporabnike, ki jih upravljate v Microsoftovem imeniku Active Directory, vpišete Nitrokeys. Uporabite lahko Microsoftov PKI, gpgsm ali Smart Policy. V naslednjih korakih je opisana uporaba pametne politike.

  3. Prenesite in namestite Smart Policy.

  4. Izberite „Preberite pametno kartico“.

Img1
  1. Izberite potrdilo, preslikavo in uporabnika.

Img2
  1. Preverite stanje naprave prek seznama CRL.

Img3
  1. Izberite objekt skupinske politike (GPO).

Img4
  1. Potrdite uporabo preslikave.

Img5

Od zdaj naprej morate ob prijavi v računalnik Windows povezati ključ Nitrokey in vnesti kodo PIN.

Img6