Manualshelf

HP Sure Admin User Guide

ManualsBrandsHP ManualsDesktopsHP EliteBook 830 G6 Notebook PC
12345678910
2 Creating and managing keys
Complete Security provisioning within MIK prior to enabling Enhanced BIOS Authentication Mode.
Enhanced BIOS Authentication Mode must be enabled to create and export keys. To enable BIOS
Authentication Mode:
Open the HP Sure Admin plug-in and select Enhanced BIOS Authentication Mode to create and export
keys.
Creating and exporting keys
Select one of the following models to create local access key pairs and enable the HP Sure Admin phone app
to access the key:
Create and Export Key — Use this option to export the local access authorization key and then
manually distribute it to the HP Sure Admin phone app through email or other method.
NOTE: This option does not require HP Sure Admin phone app network access to obtain a one-time
PIN.
Create and Export Key with Azure AD Revocation — Use this option to connect the local access key to a
specied Azure Active Directory group and require the HP Sure Admin phone app to require both user
authentication to Azure Active Directory and to conrm that the user is a member of the specied group
before providing a local access PIN. This method also requires manual distribution of the local access
authorization key to the phone app through email or other method.
NOTE: This option requires the HP Sure Admin phone app to have network access in order to obtain a
one-time PIN.
Create and Send Key to Azure AD Group OneDrive — (Recommended) Use this option to avoid storing
the local access authorization key on the phone. When you choose this option, MIK will store the local
access authorization key to the specied OneDrive folder that is only accessible to the authorized group.
The HP Sure Admin phone app user will be required to authenticate to Azure AD each time a PIN is
needed.
NOTE: This option requires the HP Sure Admin phone app to have network access in order to obtain a
one-time PIN.
To create and export a key:
1. Name your key in the Key Name entry box.
2. Enter the passphrase in the Passphrase entry box.
NOTE: The passphrase is used to protect the exported key and must be provided so that the HP Sure
Admin phone app user is able to import the key.
3. Select Browse, and choose where to export the path in the system.
4. Select Create Key.
NOTE: Your key has successfully created when a notication icon appears next to the Create Key
button with the message Key successfully created.
2 Chapter 2 Creating and managing keys