Active Directory + Smart card

To enable users to use smart card readers, install the relevant middleware on the devices.sc/interface by Cryptovision is a smart card middleware that integrates smart cards and other smart tokens into IT environments.sc/interface supports more than 90 different smart card profiles.For further information, see the Cryptovision web page.

For smart card authentication, eLux packages for middleware (such as Cryptovision sc/interface) and for the hardware drivers (such as PCSC Lite) must be installed on the devices.This may require modifications of the image definition file on the web server via ELIAS.

Smart card tab

Option Description
Behaviour of smart card on removal If you choose Lock screen, in the Screen saver settings, Password protected will be selected.1
Allow logon with username+password Smart card application allows user/password logon via the Username & Password link.
Show Username+password dialog by default2 Logon via username + password can be forced despite smart card configuration.

To use this option, enable Allow logon with username+password.

Certificate tab

Certificate-based logon requires verification of the user certificate against the root certificate.

The selected certificates are transferred to the device.

User variables tab

Based on LDAP attributes, you can define local variables and use them in the device configuration and application definition.For further information, see User variables.

For the AD directory and Automated logon tabs, see Active Directory (AD).

Enhanced logging for smart card authentication

When using PCSC Lite, you can have an additional log file /tmp/PCSCDlog.txt created.To do so, temporarily enable enhanced logging via Device configuration > Diagnostics > Enhanced logging for smart card support3.After diagnosis, we recommend that you disable the enhanced logging function in order to avoid unnecessary strain on the flash memory capacity of the device.