3.5 Configuring the Login Method

After you have successfully installed the login method for pcProx, you can manage it through iManager.

Refer the following sections to manage the login method for pcProx through iManager:

3.5.1 Adding a Certificate

After you have installed the pcProx plug-in on the server sunning iManager, you must import certificates to the workstation running iManager. Importing the certificate associates the proximity card to the user for authentication.

  1. Export the certificate from eDirectory using iManager

    1. Log in to iManager.

    2. In Roles and Tasks, click Directory Administration > Modify Object.

    3. Use the Object Selector to select the SSL CertificateDNS certificate.

    4. Click OK.

    5. Verify if Novell Certificate Server Plug-ins for iManager is installed or not. If it is not installed it, install it.

    6. In Roles and Tasks, click Novell Certificate Access > Server Certificates.

    7. Select SSL CertificateDNS > Export.

    8. From the Certificate drop-down list, select SSL CertificateDNS.

    9. If Export private key is selected, deselect it and select the export format as .DER

    10. Click Next and specify the path to save the file.

  2. Importing the certificate to JRE keystore used by iManager

    1. Run the command prompt and change the directory to JRE path that is used by iManager.

    2. Navigate to bin directory under JRE directory.

      • The JRE path for workstation iManager running on,

        • Windows: <iManager extracted directory>\bin\windows\java\jre

        • Linux: <iManager extracted directory>/bin/linux/java/jre

      • The default path for iManager server installation is,

        • Windows: C:\Program Files\novell\jre

        • Linux: opt\novell\jdk\jre

    3. Run following command.

      <Prompt>keytool -import -file <imported certificate file path> -alias <alias to identify the server> -keystore..\lib\security\cacerts -storepass changeit

      NOTE:alias is optional.

      Example

      Use the following command to import the certificate (cert.der) from C:\, under the NSL611TREE tree,

      C:\Program Files\novell\jre\bin>keytool -import -file c:\cert.der -alias NSL611TREECERT -keystore ..\lib\security\cacerts-storepass changeit

    4. If the import is correct, press Y.

    5. Restart iManager

3.5.2 Manually Setting a pcProx Card for User

  1. Launch and access iManager.

    For detailed information on accessing iManager, see the Novell Documentation Web site..

  2. Specify the username, password, and the eDirectory tree name, then login to eDirectory.

  3. You can substitute the IP address of an eDirectory server for the tree name.

    To have full access to all Novell iManager features, you must log in as a user with admin-equivalent rights to the tree.

  4. From the left pane, select NMAS > NMAS Users.

  5. In the Username field, specify the object name, then click OK.

  6. Select the PcProx tab, then select PcProx Authentication.

  7. From the task options, select Set Card ID.

    If you want to scan the pcProx card ID, place the card on the card reader, then click Scan ID.

    After the scanning is complete, the card’s ID appears in the Scan ID field.

    You can also manually specify the card ID number in the Card ID field.

  8. Click OK or Apply to save your settings.

3.5.3 Removing a pcProx Card from a User

  1. Log in to iManager.

  2. From the left pane, select NMAS > NMAS Users.

  3. In the Username field specify the object name, then click OK.

  4. Select the PcProx tab, then select PcProx Authentication.

  5. From the task options, select Remove Card ID.

  6. Click OK or Apply to save the changes.

    The selected card ID is removed.

3.5.4 Allowing a User to Self-Enroll the Card ID

  1. Log in to iManager.

  2. On the left pane, select Directory Administration > Modify Object.

  3. Click the icon adjacent to the Object name field.

  4. Under the Contents, select Security > Authorized Login Methods > NMAS Proximity Card.

  5. Click OK.

  6. Click PcProx tab, then select Enable Self Enrollment.

  7. Click OK or Apply to save the changes.