B.2 Configuring NESCM

There are two ways to configure NESCM when installing silently:

B.2.1 Using the Registry to Configure NESCM After Installation (Recommended)

To facilitate modifying the configuration after an install, the nescm.reg registry file is included with the install. This file documents the method’s options. All registry settings in the file are initially commented out. To configure NESCM, uncomment and modify the desired settings, then apply the settings to the registry.

B.2.2 Using the Command Line to Configure NESCM During Installation

The setup program allows options to be specified on the command line. If you need to change only a few of the default options during an install, you can specify them on the command line. (See Table B-2 for details.) However, if you need to specify numerous options, you might find it easier to install with the default settings, and then modify the nescm.reg file, as described in Section B.2.1, Using the Registry to Configure NESCM After Installation (Recommended).

For additional information about installation options for all client platforms (Windows 7 and 8), see Table 2-2, Setup Program Options for all Client Platforms.

Table B-2 Installation Command Line Options for all Client Platforms

Functionality

Options

Smart Card Interface

  • NESCM_SCINTERFACE: The possible values are:

    • PCSC (Default)

    • PKCS11

  • NESCM_PKCS11LIBRARY: The value of the PKCS#11 library is:

    • PKCS#11 library name

The following example changes the interface mode to PKCS#11 on the command line:

Windows 7 (32-Bit): setup.exe/S/v"/qn NESCM_SCINTERFACE=PKCS11 NESCM_PKCS11LIBRARY=abc.dll”

Smart Card PIN Validation

  • NESCM_CARD_LOGIN: The possible values are:

    • 1 = True, validate smart card PIN (Default)

    • 0 = False

The following example turns off smart card PIN validation:

Windows 7 (32-Bit): setup.exe/S/v"/qn NESCM_CARD_LOGIN=0"

Workstation Only Login - Disconnected Login

  • NESCM_DISCONNECTED_SUPPORT: The possible values are:

    • 1 = True, enable disconnected support

    • 0 = False (Default)

  • NESCM_DISCONNECTED_REQUIRED: The possible values are:

    • 1 = True, require disconnected support

    • 0 = False (Default)

The following example turns on disconnected support and makes it required:

Windows 7 (32-Bit): setup.exe/S/v"/qn NESCM_DISCONNECTED_SUPPORT=1 NESCM_DISCONNECTED_REQUIRED=1”

User Account Lookup - Identity Plugin Support

  • NESCM_IDPLUGIN_SUPPORT: The possible values are:

    • 1 = True, enable Identity Plug-in support

    • 0 = False (Default)

  • NESCM_IDPLUGIN_SERVERS: The value is:

    • LDAP server address or DNS name

  • NESCM_IDPLUGIN_SEARCHBASE: The value is:

    • Search container

  • NESCM_IDPLUGIN_SEARCHTIMEOUT:

  • NESCM_IDPLUGIN_SEARCHBY: The possible values are:

    • 1 = Search by certificate subject name (Default)

    • 2 = Search by certificate

  • NESCM_IDPLUGIN_USEFIRSTMATCH: The possible values are:

    • 1 = True, use first account returned

    • 0 = False, do a complete search (Default)

  • NESCM_IDPLUGIN_PROMPTMSG: The value is:

    • Status message string

  • NESCM_IDPLUGIN_WAITMSG: The value is:

    • Wait message string

  • NESCM_IDPLUGIN_AUTOLOGIN: The possible values are:

    • 1 = True, begin login when plug-in returns

    • 0 = False (Default)

  • NESCM_IDPLUGIN_AUTORESTART: The possible values are:

    • 1 = True, restart plug-in if login fails

    • 0 = False (Default)

  • NESCM_IDPLUGIN_HIDEOK: The possible values are:

    • 1 = True, hide OK button

    • 0 = False - (Default)

  • NESCM_IDPLUGIN_HIDECANCEL: The possible values are:

    • 1 = True, hide Cancel button

    • 0 = False (Default)

  • NESCM_IDPLUGIN_HIDEADVANCED: The possible values are:

    • 1 = True, hide Advanced button

    • 0 = False (Default)

(Continued) User Account Lookup - Identity Plugin Support

  • NESCM_IDPLUGIN_HIDEUSERNAME: The possible values are:

    • 1 (Hide Username field)

    • 0 (Default)

  • NESCM_IDPLUGIN_HIDEPASSWORD:

    • 1 (Hide Password field)

    • 0 (Default)

NOTE:String values are enclosed in double quotes and the quotes are escaped with a backslash.

The following example enables Identity Plug-in support and sets parameters, while having unspecified parameters use the default values:

setup.exe/S/v"/qn NESCM_IDPLUGIN_SUPPORT=1

NESCM_DISCONNECTED_REQUIRED=1 "

setup.exe/s/v"/qn NESCM_IDPLUGIN_SUPPORT=1

NESCM_IDPLUGIN_SERVERS=\"192.168.43.113:389\"

NESCM_IDPLUGIN_SEARCHBASE=\"ou=searchbase\"

NESCM_IDPLUGIN_SEARCHTIMEOUT=20

NESCM_IDPLUGIN_AUTOLOGIN=0

NESCM_IDPLUGIN_AUTOSTART=0 "

Password Field Descriptor

  • NESCM_PWDFIELD_DESC: The value is:

    • Description string

      The default value is “&PIN:”. To remove the default, specify an empty string. If nothing is specified, the Novell Client uses the string “Password:”. If the new string contains spaces, the string must be enclosed in double quotes and the quotes must be escaped with a backslash

The following example specifies a new value that contains spaces:

Windows 7 (32-Bit): setup.exe/S/v"/qn NESCM_PWDFIELD_DESC=\"Card PIN\" "