I try to configure EEPC 5.2.8 for pre-boot authentication bySafenet eToken (Aladdin eToken).
In EMM Manager I assign token for user. In my case thiseToken Pro 32K.
Client installed successful and start to encrypt hard disk. Boot protection installed also.
After reboot, then prompted for authentication, I choice “eTokenCetrification USB”.
Enter username and password and then asked to insert token.Altrouh eToken connected, I try to remove it and reconnect again. Pressed “OK”and asked to connect token again.
Tested on Lenovo laptop L412 with Win7 32 bit.
Solved! Go to Solution.
I had a similar problem yesterday and the solution was a BIOS upgrade ;o) Did you try all USB ports on that laptop? Does this token show, e.g. via LED, if it's accessed?
did you mean to pick the PKI version - ie, did you set up the connector, glue it into your PKI certificate store, publish the certs to your Active Directory etc? Or, did you mean to use the storage token, which you can provision to the user directly from EEM?
You can't assign a PKI token to a user within EEM - you need the connector to do that for you, but you can assign (and create) a storage token. I think you might have picked the wrong one for the clients?
Thanks for reply
1. Yes i try all two USB ports and eToken's led not turned on on connection of token or trying to access. In Windows with Aladdin RTE installed his works (turned ON)
2. I try to enroll eToken with EMM manager not by using certificate from external CA.
3. On eMM server RTE for eToken installed and during enrolment I asked for password to access eToken. So i think in this step all right.
I think in EEM you are using a storage token, but the file group you sent to the machine is the PKI (Certificate Token). You can't enrole a PKI token from within EEM.
you need to make sure you have the correct and same token on both sides.
what options in the Token list are you seeing pre-boot? Perhaps attach a screen shot?
I try to set in file group a both Aladdin tokens and only one - same result. Attached images of Pre-Boot screen and details of used eToken.
Thank You for reply.
does the LED on the token come on pre-boot? If not, then your machine simply might not have a working USB stack - you might need to update the BIOS on it, or it ma simply not work at all. It depends on the manufacturer of the machine supporting the standard BIOS calls.
LED on token not working in pre-boot phase, but boot from usb stick working. I check Lenovo web site and found newer version of BIOS. So after upgrade ill post update.
Thank you again.
My guess is that you're trying to autehnticate using a certificate stored on that token. You'll have to use the Connector Manager to sincronize the users with AD and somewhere around those menus you can assign the type of authentication token used if it finds a certificate in AD for the user (use etoken certificate usb key).