Lenovo ThinkVantage (Hardware Password Manager Deployment Bedienungsanleitung PDF herunterladen (Seite 34)

–enrolled-returnswhetherthecurrentWindowssystemuserisenrolledintheutility

–enabled-returnswhethertheutilityisenabledintheBIOSprogram

–show-displaysresultstotheconsoleforalloftheabovecommands

•Returncodes:

–0-false

–1-true

–2-error

•Example:

cmp_util.exe-supported

ThebehaviorofthengerprintenrollmentdiffersslightlybetweenaHardwarePasswordManagerregistered

systemandanon-registeredsystem.Forregisteredsystems,theBIOSprogrampromptsforHardware

PasswordManagerUserLogincredentials(HardwareaccountIDandpassword)insteadofactualhardware

passwords.Afterverifyingthespecieduserlogincredentials,theBIOSprogramobtainstheactual

hardwarepasswordsfromthehardwareaccountandsavestheminthengerprintdevice.

Otherngerprintscenariostoconsider:

1.UserenrollsinHardwarePasswordManagerafterenrollingngerprintsforpre-boot

authentication(hardwarepasswordsareset)Inthisscenario,theuserhasalreadysetaPOPandhas

enrolledforpre-bootngerprintauthentication.TheClientPortaltreatsthescenariothesameaswhen

anypre-bootpasswordsaresetpriortoregisteringinHardwarePasswordManager.Inthiscase,the

ClientPortalinstructstheusertoremoveallhardwarepasswords.

2.UserenrollsinHardwarePasswordManagerafterenrollingngerprintsforpre-boot

authentication(hardwarepasswordsarecleared)Inthisscenario,theuserhasalreadyenrolledfor

pre-bootngerprintauthenticationbuthasmanuallyclearedthePOPandHDP(asrequestedinthe

previousscenario).ThesystemstartsandtheusercanenrollwithHardwarePasswordManager.

However,thenexttimetheuserstartsthesystemandswipestheirnger,theBIOSprogramretrieves

theoldpasswordorpasswordsfromthengerprintdeviceanddeterminesthattheyarenotvalid.The

BIOSprogramthenpromptsforuserlogincredentials.Iftheuserisvalidatedwiththeirhardware

account,thehardwarepasswordsareretrievedfromthesystemhardwareaccountbytheBIOSprogram

andthepasswordsarevalidated.Iftheyareconrmed,thenewpasswordsarestoredinthengerprint

deviceautomatically.

SafeGuardEasy/SafeGuardEnterprisecompatibility

InenvironmentswheretheSafeGuardEasy/SafeGuardEnterpriseutilityisused,theHardwarePassword

ManagerclientmustbeinstalledaftertheSafeGuardEasy/SafeGuardEnterpriseutility.

ThereisalsoalimitationwheretheHardwarePasswordManagersinglesign-onfeaturedoesnotworkwhen

theSafeGuardEasy/SafeGuardEnterpriseutilityisinstalled.Thus,theuserisnotautomaticallyloggedinto

theWindowsoperatingsystemwhentheuserperformsanormalHardwarePasswordManageruserlogin.

One-touchregistration

Asanadministrator,youcanregisteryoursystemswithHardwarePasswordManagertoprotectthemfrom

unauthorizedusersduringthedeploymentanddistributionprocess.Thisisaccomplishedbyallowingan

administratortopre-registeralloftheirsystemsintheHardwarePasswordManagerserverwithacommon

localadministratoraccount.Thisprocessrequiresasinglemanualstep(one-touch)tocomplete,whichis

requiredtopreventdenialofserviceattacks.

26HardwarePasswordManagerDeploymentGuide

1 2 ... 29 30 31 32 33 34 35 36 37 38 39 ... 59 60

Kommentare zu diesen Handbüchern

Keine Kommentare

Lenovo ThinkVantage (Hardware Password Manager Deployment Bedienungsanleitung Seite 34

Kommentare zu diesen Handbüchern

Verwandte Produkte und Handbücher für Notebooks Lenovo ThinkVantage (Hardware Password Manager Deployment