Advanced Authentication supports the Microsoft policy Interactive logon: Smart card removal behavior, which allows you to select an action on a card event. You can configure it to perform a force log off or lock a user session when a user presents card to the reader.
To use LEGIC LM3000 or LEGIC LE-762-1N readers, you must disable the other card plug-ins to avoid conflicts. To do this, perform the following steps:
Open the configuration file depending on the platform:
Microsoft Windows: C:\ProgramData\NetIQ\Device Service\config.properties.
Linux: LEGIC and RFIDeas readers are not supported.
Apple Mac OS X: LEGIC and RFIDeas readers are not supported.
Set the parameters as follows:
|
Parameter |
Description |
|---|---|
|
card.omnikeyEnabled |
Used for the omnikey type of readers. The default value is true. Set the value to false to disable the usage of the device. |
|
card.rfideasEnabled |
Used for the RF IDeas readers. The default value is false. Set the value to true to enable the usage of the device. |
|
card.rfideas.productType |
Used for RF IDeas readers. The possible values are prox, sonar, or swipe, or all. You can combine them as prox;sonar;swipe.The default value is prox. |
|
card.rfideas.deviceType |
The possible values are usb, serial, or tcp, or all. You cannot combine them. The default value is usb. |
|
card.forceVirtualChannels |
Used for RF IDeas readers to work in a terminal session. If you set card.forceVirtualChannels to true, the Device Service uses its own mechanism for card redirection through the virtual channels. You must install the Device Service on both the terminal server and terminal client. The default value is false. |
|
card.smarfidEnabled |
Used for the smarfid type of readers. The default value is false. Set the value to true to enable the usage of the device. |
|
card.smarfidManualMode |
Used for the smarfid card behavior. If you set card.smarfidManualMode to false or when the parameter is not available in the config.properties file, the reader’s LED is in blue (read mode) by default and starts to blink when you place a card on the reader. If you set card.smarfidManualMode to true, the reader’s LED is in green (ready mode) by default and does not blink when you place a card on the reader. The reader blinks only if you are in the Login or Unlock screen and Windows Client requests to place a card. You must disable the 1:N functionality to disable auto-waiting of a card for the Login or Unlock screen. For more information about how to disable 1:N, see Disabling 1:N. You must disable the Interactive logon: Smart card removal behavior policy to disable the auto-waiting of a card when a user is logged in. For more information about how to disable Smart card removal behavior policy, see the Microsoft documentation. You can use the feature only for LEGIC readers. |
|
card.smarfidManualBeepEnabled |
Used for generating beeps from a supported LEGIC reader when you put a card on it. The default value of the parameter is false and the beeps are muted. Set card.smarfidManualBeepEnabled to true for this. You can use this option only when the manual mode is enabled (card.smarfidManualMode=true). |
|
card.isCardIdGenerated |
The feature can be used only for LEGIC readers. Used to generate a new card identifier during enrollment. and during each enrollment, the card identifier is not changed. The default value is false. |
|
card.desfireEnabled |
Used for the desfire type of readers. The default value is true. Set the value to false to disable the usage of the device. |
Save the changes.
Restart the Device Service.