Check Point HARMONY R81 - Page 229

451 pages

Save Page as PDF

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Configuring OneCheck User Settings Policy Rules

R81 Harmony Endpoint Server Administration Guide|229

The password settings are taken from the OneCheck User Settings rules that are assigned to

the user.

Right-click an Action and select Edit to configure more settings if you select to use Smart Card

authentication.

Important - Before you configure Smart Card authentication only as the default, make

sure that you understand the requirements. See

"Before You Configure Smart Card

Authentication" on page241

. All requirements must be set up correctly for users to

successfully authenticate with Smart Cards.

To configure Smart Card only or for Smart Card or Password as the default:

1. Select one of the Smart Card options as the Default Pre-boot authentication method.

2. If you select Smart Card, we recommend that you select

Change authentication method only after user successfully authenticates with a

Smart Card

This lets users authenticate with a password until all of the requirements for Smart Card

authentication are set up correctly. After users successfully authenticate one time with a

Smart Card, they must use their Smart Card to authenticate. If you configure a user for

Smart Card only and do not select this, that user is not able to authenticate to Full Disk

Encryption with a password.

Select one or more Smart Card drivers.

3. In the Smart Card driver area, select the Smart Card protocol that your organization

uses:

n

Not Common Access Card (CAC) - all other formats

n

Common Access Card (CAC) - the CAC format

4. In the Select Smart Card driver to be deployed area, select the drivers for your Smart

Card and Reader. All selected drivers will be installed on endpoint computers when they

receive policy updates.

If you do not see a driver required for your Smart Card, you can:

n

Enter a text string in the Search field.

n

Click Import to import a driver from your computer. If necessary, you can download

drivers to import from the Check Point Support Center.

5. In the Directory Scanner area, select Scan user certificates from Active Directory if you

want the Directory Scanner to scan user certificates.

6. If you selected to scan user certificates, select which certificates the Directory Scanner

will scan:

Table of Contents

Related product manuals

Preview: Check Point L-71

Check Point L-71

Check Point 6700

Preview: Check Point UTM-1 U-5

Check Point UTM-1 U-5

Preview: Check Point UTM-1 Edge

Check Point UTM-1 Edge

Preview: Check Point 6000 Series

Check Point 6000 Series

Preview: Check Point Smart-1 205

Check Point Smart-1 205

Preview: Check Point Smart-1 625

Check Point Smart-1 625

Preview: Check Point Smart-1 225

Check Point Smart-1 225

Preview: Check Point Smart-1 5050

Check Point Smart-1 5050

Preview: Check Point QUANTUM SPARK 1530

Check Point QUANTUM SPARK 1530

Preview: Quantum SMART-1 600-M

Quantum SMART-1 600-M

Preview: QUANTUM SMART-1 6000-L/6000-XL

QUANTUM SMART-1 6000-L/6000-XL