How to reset the token for a smart card user
Last Modified: 2024-01-06 08:57:15 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
How to reset the token for a smart card user
Technical Articles ID:
KB79665
Last Modified: 2024-01-06 08:57:15 Etc/GMT Environment
Drive Encryption (DE) 7.1.x Endpoint Encryption for PC (EEPC) 7.0.x For details of DE 7.1.x supported environments, see KB79422 - Supported platforms for Drive Encryption 7.x. SummarySmart cards are usually issued to large groups of users at the beginning of the project to convert password-only users to CAC or PIV smart-card users. After the initial switch to smart cards, cards will be issued as new users are hired or if a user loses a card. When the smart card certificates expire, new cards with new certificates are issued to the users. There could be times when many user's certificates will expire at the same time because they were issued at the same time, and the users will need their tokens reset. Resetting a large group of user's tokens is much easier when they're PKI tokens.
Below are the steps to reset a user's token when they're issued a new smart card. SolutionThere are two methods to reset the smart card token: PKI and Self-Initializing. The method used is determined by how the token data is created.
Method 1 (PKI): Pre-initializing the token data - certificate is imported into Active Directory (AD) and the Provide LDAP user certificate option is selected in the UBP. These tokens can be reset manually or by using the LDAP sync task.
NOTE: A successful LDAP Sync token reset shows the following in the
Method 2 (Self-Initializing): The client performs the initialization of the token data:
Affected ProductsLanguages:This article is available in the following languages: |
|