cancel
Showing results for 
Search instead for 
Did you mean: 
ivan.s
Level 7

Migrating from passwords to eToken 72k Java PKI

I've assigned 'password' policy to a computer group in System tree and then assigned 'etoken' policy to some AD groud using Policy assignment rules. After few Send/Recieve Policy/Events from the agent interface users from the group still have to use passwords. 

Any advice?

0 Kudos
4 Replies
georgec
Level 13

Re: Migrating from passwords to eToken 72k Java PKI

Do the users have in Active Directory digital certificates issued with the purpose of smartcard logon? You do have a Microsoft Enterprise CA, right?

on 10/11/12 6:39:42 AM CDT
0 Kudos
ivan.s
Level 7

Re: Migrating from passwords to eToken 72k Java PKI

Hi!

Certificates are issued, they are stored in UserCertificate LDAP Attribute. I've changed cert field name in the AD sync task. Yes, it is a MS CA. In AD attributes I can see certificates exactly in userCertificate attribute. Is there a way to check ceritificates in EEPC user info?

0 Kudos
georgec
Level 13

Re: Migrating from passwords to eToken 72k Java PKI

Where have you applied the policy to use the smardcards? at "My organisation" level? If not, try using a policy assignment rule to assign the user based policy to specific users that you're testing. From what I recall, the default policy applied to users is the one at my organisation level, and if you want specific polcies for users, or ad security groups of users, you'll have to use policy assignment rules.

0 Kudos
ivan.s
Level 7

Re: Migrating from passwords to eToken 72k Java PKI

I applied eToken Policy to users via Polisy Assignments Rule and activate UBP on these users. Sorry, last changes I have not tested yet so please wait for result 1-2 days more. If I find where I made mistake I will write about it here.

Thanks!

0 Kudos