Manualshelf

User's Manual

ManualsBrandsDell ManualsSoftwareDell Data Protection
12345678910
Enrolling Smartcards
Dell Data Protection | Access gives you the option of using a traditional (contacted) or
contactless smartcard for logging into your Windows account or for authentication at pre-
Windows. In the Smartcard tab, click the Enroll a smartcard or contactless smartcard to use
for login link to launch the Smartcard Enrollment wizard, which guides you through the
enrollment process. "Enrolling" means setting up your smartcard for use in login. Once you have
enrolled a smartcard, you can enroll another card using the Enroll another smartcard or
contactless smartcard to use for login link.
You must have a valid smartcard authentication device properly installed and configured in order
to perform enrollment.
NOTE: To find out if a specific device is compatible, contact your system administrator or go to
support.dell.com and search for 'smartcard readers'.
Contactless smartcards supported for Windows and pre-Windows enrollment:
HID Mifare
HID Crescendo C700, C200
HID I Class 2080, 200X, 210X, 201X, 211X, 202X, 212X, 203X, 213X, 204X, 214X,
205X, 206X series cards.
Contacted smartcards supported for pre-Windows enrollment:
CAC and PIV (US Federal Government Cards)
Enrollment
When enrolling a smartcard you will be prompted to enter your Windows password to verify your
identity. If your policy requires it, you will be prompted to enter your pre-Windows
(System) password as well. The pre-Windows password can be used to gain access to the
system if there is an issue with the smartcard reader.
During enrollment, you will be prompted for the smartcard PIN, if one has been set. If your policy
requires a PIN and one has not been set, you will be prompted to create one.
NOTES:
Once a user is enrolled for smartcard use in pre-Windows, he/she can be removed with
Reset System.
Reset System is the only way to reset a smartcard; the smartcard cannot be used for
authentication at Windows login or for pre-Windows until it is re-enrolled.
NOTE: For TPM certificate authentication, administrators can enroll TPM certificates through the
Microsoft Windows smartcard enrollment process. Administrators must select "Wave TCG-
Enabled CSP" as the Cryptographic Service Provider in place of a Smartcard CSP for
compatibility with this application. In addition, Dell Secure login must be enabled with the
appropriate Authentication Type Policy for the client.
NOTE: If you get an error that states that the Smartcard Service is not running, you can start /
restart this service by doing the following:
Navigate to the Administrative Tools window from the Control Panel, select Service, then
right-click on Smartcard and select Start or Restart.
Detailed information on the specific error message for Dell Data Protection | Access
(DDP|A) can be found by searching for “DDPA Error Codes” at: http://support.dell.com.