Chapter 3: Active Directory Management
Assigning tokens to users
46
Figure 24:
SafeWord tab
of the User Properties
window
Tip: If you get an error while attempting to view a user’s SafeWord tab, the
administration service has rejected the user’s client certificate. This occurs
when ADUC has been re-installed. Remove the user’s client certificate to
access the SafeWord tab of their Properties window (see “Reinstalling a server
or ADUC” on page 61).
d
In the
Token serial number
field (found in the SafeWord tab), enter the
token’s serial number, and an optional four-digit PIN.
Requiring a PIN with a user passcode adds a second layer of security to
your system. If you will require users to authenticate with a token pass-
code and PIN, they must append the PIN to the end of the passcode. If
they do not know their PIN, they will be denied access.
e
Click
Apply
.
Note: See “Configuring the Authentication Policy” on page 196 for information
on configuring group memberships.
Clicking
Apply
activates the lower portion of the window, allowing you to
test the token (see “Testing tokens” on page 47).
f
If you will not be testing the token now, click
OK
to close the window.
g
Distribute the token to the user (be sure to tell them if they will need to
append a PIN to the end of their passcode).