Gemalto SafeNet Minidriver 9.0



Similar documents
Integration Guide. SafeNet Authentication Client. Using SAC CBA for Check Point Security Gateway

Integration Guide. SafeNet Authentication Client. Using SAC with Putty-CAC

Configuration Guide. SafeNet Authentication Service. Remote Logging Agent

SafeNet Authentication Manager Express. Upgrade Instructions All versions

Configuration Guide. SafeNet Authentication Service. Token Validator Proxy Agent

Integration Guide. SafeNet Authentication Service. VMWare View 5.1

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Tableau Server

Integration Guide. SafeNet Authentication Service. SAS Using RADIUS Protocol with Microsoft DirectAccess

Agent Configuration Guide

Configuration Guide. SafeNet Authentication Service AD FS Agent

Integration Guide. SafeNet Authentication Service. Using SAS with Web Application Proxy. Technical Manual Template

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce

Configuration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Internet Information Services (IIS)

Integration Guide. SafeNet Authentication Service. SAS Using RADIUS Protocol with Apache HTTP Server

Configuration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Outlook Web Access 1.06

Installation Guide. SafeNet Authentication Service

User Guide. SafeNet MobilePASS for Windows Phone

Synchronization Agent Configuration Guide

Configuration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Outlook Web App. Technical Manual Template

Microsoft IIS Integration Guide

SafeNet MobilePASS Version 8.2.0, Revision B

Integration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Drupal

Integration Guide. SafeNet Authentication Service. Oracle Secure Desktop Using SAS RADIUS OTP Authentication

Integration Guide. SafeNet Authentication Service. Integrating Active Directory Lightweight Services

SAS Agent for Outlook Web Access

Active Directory Rights Management Service Integration Guide

Microsoft SQL Server Integration Guide

SAS Agent for Outlook Web App

DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication

Shakambaree Technologies Pvt. Ltd.

IDGo 800 Minidriver for Windows. User Guide

SafeNet Cisco AnyConnect Client. Configuration Guide

SafeNet Authentication Client (Windows)

Preface. Microsoft Office Sharepoint Server 2007 Integration Guide SafeNet, Inc. All rights reserved. Part Number: (Rev A, 06/2009)

Sentinel Cloud V.3.5 Installation Guide

DIGIPASS CertiID. Getting Started 3.1.0

Preface. Limitations. Disclaimers. Technical Support. Luna SA and IBM HTTP Server/IBM Web Sphere Application Server Integration Guide

Application Note Gemalto.NET 2.0 Smart Card Certificate Enrollment using Microsoft Certificate Services on Windows 2008

SafeNet Authentication Client (Windows)

SafeNet MSSQL EKM Provider User Guide

Yale Software Library

SafeNet Authentication Service

epass2003 User Guide V1.0 Feitian Technologies Co., Ltd. Website:

Sage 100 ERP. Installation and System Administrator s Guide

Entrust Certificate Services for Adobe CDS

SafeNet KMIP and Amazon S3 Integration Guide

Adobe Acrobat 9 Deployment on Microsoft Windows Group Policy and the Active Directory service

High Availability Setup Guide

VeriSign PKI Client Government Edition v 1.5. VeriSign PKI Client Government. VeriSign PKI Client VeriSign, Inc. Government.

Check Point FDE integration with Digipass Key devices

SafeNet Authentication Client (Windows)

etoken Single Sign-On ReadMe Version 5.1 Rev A Release Date: May 2010 ======================================================

Microsoft IAS and NPS Agent Configuration Guide

Integration Guide. SafeNet Authentication Service. Using RADIUS Protocol for Radiator RADIUS Server

SafeNet Authentication Client

Citrix Access Gateway Plug-in for Windows User Guide

SafeNet Authentication Service Token Validator Proxy Agent. Configuration Guide

User Guide Novell iprint 1.1 March 2015

ProtectDrive. User Manual Revision: B00

Guide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate on Aladdin etoken (Personal eid)

Protecting Juniper SA using Certificate-Based Authentication. Quick Start Guide

RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide

HOTPin Integration Guide: DirectAccess

YubiKey PIV Deployment Guide

PrivateServer HSM Integration with Microsoft IIS

SafeNet Authentication Service

Full Disk Encryption Agent Reference

Encrypting with BitLocker for disk volumes under Windows 7

Yubico PIV Management Tools

Endpoint Security VPN for Windows 32-bit/64-bit

Diamond II v2.3 Service Pack 4 Installation Manual

Getting Started - Client VPN

USER GUIDE WWPass Security for Windows Logon

Dell Statistica Statistica Enterprise Installation Instructions

Smart Card Certificate Authentication with VMware View 4.5 and Above WHITE PAPER

RSA Authentication Agent 7.1 for Microsoft Windows Installation and Administration Guide

SAS Token Validator Proxy Agent Configuration Guide

Global VPN Client Getting Started Guide

Citrix Shared Desktop

GoldKey Software. User s Manual. Revision WideBand Corporation Copyright WideBand Corporation. All Rights Reserved.

Microsoft Windows Server 2003 Integration Guide

User Document. Adobe Acrobat 7.0 for Microsoft Windows Group Policy Objects and Active Directory

Migration Guide. SafeNet Authentication Service. SafeWord/SAMx. Migration Guide: SafeNet Authentication Service. SafeWord/SAMx

Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and October 2013

Installing Sage SalesLogix on Microsoft Windows 8, Windows Server 2012, and Internet Explorer 10 Version Developed by Sage SalesLogix User

Deploying Microsoft RemoteFX on a Single Remote Desktop Virtualization Host Server Step-by-Step Guide

Windows BitLocker Drive Encryption Step-by-Step Guide

CS SoftDent Practice Management Software Installation Guide for Client/Server Configurations

Interact for Microsoft Office

Electronic Prescribing of Controlled Substances

Strong Authentication for Juniper Networks SSL VPN

formerly Help Desk Authority Upgrade Guide

Elo Touch Solutions Elo Tablet Software Update

Administration Guide ActivClient for Windows 6.2

USER GUIDE WWPass Security for (Outlook) For WWPass Security Pack 2.4

Setup and Configuration Guide for Pathways Mobile Estimating

Symantec Backup Exec TM 11d for Windows Servers. Quick Installation Guide

PANO MANAGER CONNECTOR FOR SCVMM& HYPER-V

System Planning, Deployment, and Best Practices Guide

Full Disk Encryption Pre-Boot Authentication Reference

Transcription:

SafeNet Authentication Client Gemalto SafeNet Minidriver 9.0 Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1

Document Information Product Version 9.0 Build 44 Document Part Number 007-012974-001, Rev A Release Date May 2015 Trademarks All intellectual property is protected by copyright. All trademarks and product names used or referred to are the copyright of their respective owners. No part of this document may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, chemical, photocopy, recording, or otherwise, without the prior written permission of SafeNet, Inc. Disclaimer SafeNet makes no representations or warranties with respect to the contents of this document and specifically disclaims any implied warranties of merchantability or fitness for any particular purpose. Furthermore, SafeNet reserves the right to revise this publication and to make changes from time to time in the content hereof without the obligation upon SafeNet to notify any person or organization of any such revisions or changes. We have attempted to make these documents complete, accurate, and useful, but we cannot guarantee them to be perfect. When we discover errors or omissions, or they are brought to our attention, we endeavor to correct them in succeeding releases of the product. SafeNet invites constructive comments on the contents of this document. These comments, together with your personal and/or company details, should be sent to the address or email below. Contact Method Mail Email Contact Information SafeNet, Inc. 4690 Millennium Drive Belcamp, Maryland 21017, USA TechPubs@safenet-inc.com 2

Contents Contents Introduction... 4 Overview... 4 Product Facts... 4 Release Description... 4 Audience... 4 System Requirements... 5 Supported Operating Systems... 5 SafeNet Authentication Client Compatibility... 5 Supported Tokens... 5 Supported Tablets... 6 New Features... 6 Advisory Notes... 7 Password Quality Limitation... 7 Smart Cart Logon with ECC Certificates... 7 Compatibility with Third-Party Applications... 7 Installing Gemalto SafeNet Minidriver 9.0... 8 Installing Gemalto SafeNet Minidriver... 8 Automatic Installation... 8 Manual Installation... 8 Manually installing Gemalto SafeNet Minidriver 9.0 on Window 7... 9 Upgrading to Gemalto SafeNet Minidriver 9.0... 10 Automatic Upgrade... 10 Uninstalling Gemalto SafeNet Minidriver... 11 Known Issues and Limitations... 12 Support Contacts... 13 3

Introduction Overview Gemalto SafeNet Minidriver provides a simple alternative to developing a legacy cryptographic service provider (CSP) by encapsulating the complex cryptographic operations from the card Minidriver vendor. Gemalto SafeNet Minidriver presents a consistent interface between SafeNet s smart cards and Microsoft s Smart Card Base Cryptographic Service Provider (CSP) or Crypto Next Generation (CNG) Key Storage Provider (KSP) and to the Smart Card Management Interface). Product Facts Password quality policies are managed by SafeNet Authentication Client (SAC), or SafeNet Authentication Manager (SAM), and Gemalto SafeNet Minidriver uses the policies defined by SAC and SAM. Gemalto SafeNet Minidriver is compatible with certificates that were enrolled using SAC or SAM, and vice versa. i.e. If certificates were generated using SAC or SAM, they can also be used with Minidriver. Gemalto SafeNet Minidriver supports CAPI-based applications such as Smart Card Logon. Release Description This release: Introduces Gemalto rebranding and documentation standards Resolve specific product and customer related issues Audience All products are designed to be installed, operated, and maintained by personnel who have the knowledge, training, and qualifications required to safely perform the tasks assigned to them. The information, processes, and procedures contained in this document are intended for use by trained and qualified personnel only. 4

System Requirements Supported Operating Systems Gemalto SafeNet Minidriver 9.0 supports the following Operating Systems: Windows 8.1 (32-bit and 64-bit) Windows 8 (32-bit and 64-bit) Windows 7 (32-bit and 64-bit) Windows Server 2008 R2 (64-bit) Windows Server 2008 (32-bit and 64-bit) Windows Server 2012 R2 (64-bit) Windows Server 2012 (64-bit) SafeNet Authentication Client Compatibility Gemalto SafeNet Minidriver 9.0 is compatible with Java based token devices initialized with SAC 8.2 and higher. NOTE: Tokens cannot be initialized with Gemalto SafeNet Minidriver 9.0. Supported Tokens Gemalto SafeNet Minidriver 9.0 supports the following tokens: Certificate-based USB tokens (CCID) SafeNet etoken PRO Java 72K (no plug and play applet) SafeNet etoken PRO Java 72K ECC (no plug and play applet) SafeNet etoken 5100/5105 Gemalto SafeNet 5110 Smart Cards SafeNet etoken PRO Smartcard 72K (no plug and play applet) SafeNet etoken 4100 (CCID reader) Certificate-based Hybrid USB Tokens SafeNet etoken 7300 Standard (CCID) NOTE: Legacy tokens, which do not have a plug and play applet, are supported for automatic download. 5

Supported Tablets Gemalto SafeNet Minidriver 9.0 supports the following tablets: Microsoft Surface Pro, running Windows 8.1 New Features Gemalto SafeNet Minidriver 9.0 includes the following new features: Gemalto rebranding enhancements/progress Microsoft Minidriver Specification Version 7 support (See the note below) ECC support Algorithms and key sizes supported: Elliptic Curve Diffie-Hellman (ECDH) P256, and P384 - Secret agreement and key exchange Elliptic Curve Digital Signature Algorithm (ECDSA) P256, and P384 Upgrading from Minidriver 5.1 Windows 8, Windows 8.1, and Windows Server 2012 R2 support NOTE: According to the specification, the following API operations are not required and are not supported by SAC Minidriver: CardImportSessionKey CardGetSharedKeyHandle MDImportSessionKey MDEncryptData CardGetAlgorithmProperty CardGetKeyProperty CardSetKeyProperty CardDestroyKey CardProcessEncryptedData 6

Advisory Notes Minidriver is not supported on a system that has SafeNet Authentication Client installed. Password Quality Limitation Password Quality policies that are managed by SAC, are supported by Gemalto SafeNet Minidriver 9.0. However, the following settings are ignored by Minidriver even though they are configured on the token: Maximum Length this setting is configured and enforced by the SafeNet Authentication Client Settings on all operating systems. Expiry Warning Period no alerts or warning prompts are displayed. Smart Cart Logon with ECC Certificates To enable Smart Card logon with ECC certificates: 1. Click Start, and enter gpedit.msc in the search field. 2. In the Local Group Policy Editor, select Computer Configuration>Administrative templates>windows Components>Smart Card. 3. Select Enabled in the Allow ECC Certificates to be used for logon and authentication field. Compatibility with Third-Party Applications The majority of third-party applications listed below have been validated and tested with Gemalto SafeNet Minidriver 9.0. Solution Type Vendor Product Version Check Point Client E-80 (Security Gateway) Remote Access VPN Virtual Desktop Infrastructure (VDI) Palo Alto GlobalProtect 2.1 Juniper Juniper SA 700 Citrix XenDesktop 7.5 Microsoft Remote Desktop Identity Access Management (IAM) VMware View Horizon 6.0 Identity Access Management (IDM) Microsoft FIM 2010 R2 Pre Boot Authentication (PBA) Digital Signatures Microsoft CheckPoint Adobe BitLocker PointSec Reader X, XI Microsoft Outlook 2010,and 2013 7

Installing Gemalto SafeNet Minidriver 9.0 Installing Gemalto SafeNet Minidriver Gemalto SafeNet Minidriver 9.0 is downloaded automatically (from the Microsoft Update Catalog site) when connecting one of the tokens listed in the Supported Tokens section above. Automatic Installation To install Gemalto SafeNet Minidriver 9.0 automatically: Connect one of the tokens listed in the Supported Tokens list on page 5, and Gemalto SafeNet Minidriver 9.0 is installed automatically from the Microsoft Update Catalog site. Manual Installation If the Microsoft Update Catalog is not available, the manual installation method allows administrators to save the Minidriver files on a system for manual distribution. To install Gemalto SafeNet Minidriver 9.0 manually: 1. Browse to Microsoft Update Catalog: http://catalog.update.microsoft.com/v7/site/home.aspx. 2. In the Search box, at the top right of the screen, enter Gemalto SafeNet Minidriver, and click Search. Your search results will be displayed in a table as follows: 3. Select the relevant operating system by clicking Add, and the item is added to your basket. 4. Click View basket, and a Download button appears on the top right corner of the table. 5. Click Download. The Download Options window opens. 6. Browse to where you want to save the Minidriver package. Click OK, and then Continue. A message confirms that your updates were successfully downloaded. 7. Click Close. 8. Browse to the location of the downloaded.cab file, and extract the files. NOTE: The.cab file is saved in the folder: Gemalto - Other hardware - Gemalto SafeNet Minidriver. 8

The following files are extracted: 9. Right-click the file: Gemalto.SafeNet.Minidriver.inf, and select Install. Manually installing Gemalto SafeNet Minidriver 9.0 on Window 7 After manually installing the Gemalto SafeNet Minidriver 9.0 on a Windows 7 operating system, the Smart Card may need to be installed manually via the Device Manager. To install the smart card on a Windows 7 operating system: 1. Connect the token and perform steps 1 9 above. 2. Click Start, type Device Manager in the Search programs and files text box, and then press Enter. 3. Double-click Other devices. 4. Right-click Smart Cards Smart Card (with the yellow exclamation mark), and select Update Driver Software. The Update Driver Software window opens. 5. Perform either one of the following: a. Click Search automatically for updated driver software if the internet connection is available. Gemalto SafeNet Minidriver 9.0 is automatically updated via the Microsoft Catalog site. b. Click Browse my computer for driver software if you have already downloaded and extracted the Gemalto SafeNet Minidriver 9.0 package onto your local driver (See step 8 under Manual Installation). Locate the folder in which the Gemalto.SafeNet.Minidriver.inf file is saved, select it, click OK and then click Next. A message appears: Do you want to update this device software? Click Update. The Gemalto SafeNet Minidriver has been updated window opens. Click Close. 9

Upgrading to Gemalto SafeNet Minidriver 9.0 Automatic Upgrade To automatically upgrade from SafeNet etoken Minidriver 5.1 to Gemalto SafeNet Minidriver 9.0: Connect one of the tokens listed in the Supported Tokens list on page 5, to a system which has Minidriver 5.1 installed, and Gemalto SafeNet Minidriver 9.0 is automatically downloaded from the Microsoft Update Catalog site. If the automatic upgrade process does not succeed when connecting a token to the USB port, follow the procedures below: 1. Click Start, type Device Manager in the Search programs and files text box, and then press Enter. 2. Select Smart cards > SafeNet etoken Minidriver > Update Driver Software. The Update Driver Software window opens. Continue by following step 5 in the section: Manually installing Gemalto SafeNet Minidriver 9.0 on Window 7. NOTE: Restart the system after upgrading to Gemalto SafeNet Minidriver 9.0. 10

Uninstalling Gemalto SafeNet Minidriver When Gemalto SafeNet Minidriver is installed from the Microsoft Update Catalog, you need to perform the following to uninstall the Gemalto SafeNet Minidriver: On a 32-bit system, the file that defines the registry card media (etokenmd.dll) must be deleted from the system32 folder. On a 64-bit system, these must be deleted from both syswow64 & system32 folders. Remove the following keys from the HKEY_LOCAL_MACHINE registry tree: 32-bit Systems: SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\eTokenCard/JC1.0 SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\eTokenCard/JC1.0b 64-bit Systems: SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\eTokenCard/JC1.0 SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\eTokenCard/JC1.0b SOFTWARE\Wow6432Node\Microsoft\Cryptography\Calais\SmartCards\eTokenCard/JC1.0 SOFTWARE\Wow6432Node\Microsoft\Cryptography\Calais\SmartCards\eTokenCard/JC1.0b NOTE: Restart the system after uninstalling Gemalto SafeNet Minidriver 9.0. 11

Known Issues and Limitations This section lists known issues and limitations in Gemalto SafeNet Minidriver 9.0. Jira # ASAC-2379 ASAC-2429 Description When a token is initialized with the Password must be changed on first logon field, and is then connected to the operating system with SC Logon using Gemalto SafeNet Minidriver, an error message is displayed as soon as a password is entered. Workaround: Change the password using SafeNet Authentication Client before using the Minidriver. Performing a remote desktop connection from a system which has Minidriver installed, to a system with SAC installed, causes errors in the RDP, after entering the smart card pin. Workaround: Edit the RDP file (on the Client) by following these steps: 1. Open the Remote Desktop connection window. 2. Click Show Options. 3. Under Connection Settings, click Save as, and save the RDP file locally. 4. Open the file using Notepad. 5. Add enablecredsspsupport:i:0 to the end of the RDP file, and then save the file. 6. Connect to the server using the edited RDP file. For more details, see: https://support.microsoft.com/en-us/kb/941641 https://technet.microsoft.com/en-us/library/ff393660(v=ws.10).aspx 12

Support Contacts If you encounter a problem while installing, registering or operating this product, please make sure that you have read the documentation. If you cannot resolve the issue, contact your supplier or SafeNet Customer Support. SafeNet Customer Support operates 24 hours a day, 7 days a week. Your level of access to this service is governed by the support plan arrangements made between SafeNet and your organization. Please consult this support plan for further information about your entitlements, including the hours when telephone support is available to you. Table 1: Support Contacts Contact Method Address Contact Information SafeNet, Inc. 4690 Millennium Drive Belcamp, Maryland 21017, USA Phone US 1-800-545-6608 International 1-410-931-7520 Technical Support Customer Portal https://serviceportal.safenet-inc.com Existing customers with a Technical Support Customer Portal account can log in to manage incidents, get the latest software upgrades, and access the SafeNet Knowledge Base. 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information