This content has been marked as final. Show 7 replies
If you mean smart cards with EEPC, what card/reader combination are you trying to use?
the detail of using tokens with EEPC is in the Endpoint Encryption for PC's guide, the management center guide only discusses that component.
The smart cards we are using are the smart cards that are issued by Conneting for Health to all NHS trusts in the England; GemSAFE Smart Card (16K). The readers are predominantly Dell Intergrated Smart Card keyboards (RT7D60), with a few OMNIKEY Card Man 3121 readers.
I think both are supported - check your EEPC/Device Encryption Admin Guide. If you have the option to select the GemPlus card as a token in your admin system, you can try simply creating a user with that and logging in (again to your admin system). It very much depends on the card though - it's quite possible whoever set them up for the original project locked them so no other applications can be added.
this is something it's worth getting a day of PS to evaluate. The cards work, but as you have already provisioned them, whether they can be added to is up to whoever currently "owns" the card.
Thanks for your reply.
I've added the GemAltoNet Certificate Smart Card token - GemPlus and AxAlto merged to form GemAlto - so I'll see if I can get the smart card authentication working with that.
However I've got to get past another issue first; I'm getting sync issues between my test PC and EEManager. I'm getting an error of Error [db010010] Object Not Found.
I think this issue stems from creating an 'offline install'. I've imported the machine details using the SBXFERDB.SDB file on the test PC, and I can force a reboot from the EE Manager on the test PC - so they will talk to each other - but the sync isn't happening.
can you post the tail of your client log so we can see exactly what's going on? Usually that error means you didnt import the sdb file, or you imported it into a different database than the one the machine is connecting to.
Have you installed more than once? If so remember that EVERY activation will create a new sdb file.
The other thing is that the network name and name in EEM must match for the machine to find it's object. This just for the first sync. Once the two are connected they use the ID (not name) to communicate. So, make sure the two still agree.
Personally, there are so few reasons to use offline installs that unless you seriously want to go to the effort of manually bringing that file across, I'd start again in online mode.
I changed the EEM to match the network name and it sync'd up fine.
Many thanks for your hepl!
np. Stick to online installs if you can though, as the machine will then create itself in the group and you don't have to do anything.
if you forget to import that sdb file, you'll never be able to recover the data from a machine if things go wrong...