3.7 Installing Workstations

Each applicant’s workstation should meet the minimum requirements. See Section 2.1.7, Workstations.

Each applicant’s workstation that will be authenticating by using a PIV card must be installed by using the following procedure:

  1. Insert the CD 2 - IAS Client into the workstation’s CD drive.

    The client installation should auto launch.

    If not, browse to the root of CD 2 - IAS Client and double-click setup.exe.

  2. Read the welcome page, then click Next.

  3. Read the license agreement and select I accept the terms of the license agreement, then click Next.

  4. Select Novell Client and Enhanced Smart Card Method.

    (Optional) If you also want to audit Workstation Only logins, select Novell Audit Platform Agent.

  5. Click Next.

  6. Click Install.

  7. Read the Novell Enhanced Smart Card Method welcome page, then click Next.

  8. Read the license agreement and select I accept the terms of the license agreement, then click Next.

  9. On the Disconnected Support page, select Yes, I Want Disconnected Support, then click Next.

    This feature allows you to authenticate to the workstation only by using the Smart Card login method.

  10. On the ID Plugin Support page, select whether or not you want to use the ID plug-in support feature.

    This feature allows the ID plug-in to query the database for the smart card’s associated username.

    If you select Yes, you must also supply the IP addresses and port numbers for all LDAP servers you want to query.

  11. Click Next.

  12. Choose whether or not to customize the password field description on the login screen, then click Next.

    If you choose to customize the login screen's password field, you must type in the new text for the field.

    If you use Alt+P to access the password field when logging in, you lose this functionality when you customize the password field description. To keep this functionality, you must include an ampersand (&) in front of a letter P in the new text you enter in the password field.

    For example, if your new text reads Password, you should enter it as &Password so that Alt+P continues to function as usual.

  13. Select either PC/SC or PKCS#11, then click Next.

    PC/SC and PKCS#11 are technical standards used to communicate between a server and PKI-enabled applications. PC/SC is a standard used for integrating smart cards and smart card readers. PKCS#11 is a standard for public key message exchanges.

    Select the standard that best supports your hardware. For more information, see the manufacturer's specifications.

    If you select PKCS#11, you must also select a provider that best suits your needs.

  14. Review the page, then click Install.

  15. (Conditional) If you decided to install the Novell Audit Platform Agent in Step 4, click Next on the Novell Audit Platform Agent page. If not, skip to Step 21.

  16. Accept the License Agreement, then click Next.

  17. Fill in the customer information, then click Next.

  18. Type the IP address or DNS name of the Secure Logging Server, then click Next.

    This is the IP address or DNS name of the Novell Audit server (the Identity Vault server that was set up previously).

  19. Select Complete, click Next > Install.

  20. Click Finish.

  21. Click Finish.

  22. Restart the workstation.

  23. Complete the instructions for installing and configuring the NESCM method on a workstation as provided in the Novell Enhanced Smart Card Installation Guide .

3.7.1 Installing the Novell Client Patch

After installing the Novell Client, you need to install the Novell Client Patch.

  1. On CD 2 - IAS Client, browse to the \novellclient\winnt\i386\491_sp3_update directory.

  2. Right-click the _491psp3_nwsso.inf file, then click Install.

  3. If files are in use, reboot the workstation when prompted.

3.7.2 Workstation Configuration

For information about configuring NESCM on a workstation, see the Novell Enhanced Smart Card Installation Guide .