Fingerprint logon at the OS on Bitlocker encrypted client

  • Artikel-ID: 120185
  • Aktualisiert: 07 Mrz 2014

Issue

When using fingerprint authentication on a client that is encrypted with Bitlocker (non - Lenovo hardware or unsupported Lenovo models) the SafeGuard Authentication Application appears after logon to the operating system. 

First seen in

SafeGuard BitLocker Client 6.10.0

Operating systems
Windows 8

Cause
An authentication at the SafeGuard Credential Provider or the SafeGuard Authentication Application is only possible on supported Lenovo Clients.

Additional information

If only the Bitlocker client is managed by SafeGuard and access to the keyring is not required (for example when the file based encryption modules like DataExchange, FileShare or CloudStorage are not installed) the appearance of the Authentication Application can be limited using a system policy.

After applying the required system policy, the SafeGuard Authentication Application only appears for user initialization and after password changes.

This behavior is managed through a Policy_S setting called InsistOnSGNAuth (default: true). The corresponding XMLs are available in the "tools" folder of the product DVD.

What To Do

The XML which sets the value to "false" has to be signed with the company certificate.

  1. Open SafeGuard Management Center | Tools | Options | Certificates
  2. Press the Sign button and browse to the XML file which was mentioned earlier in this article.

     

  3. After browsing to the file just click "OK" and the MC creates a new file which is called "originalxmlname_Signed".
  4. Copy this new file into the Import folder of the LocalCache on the SafeGuard Client:

    The location on the client: %ALLUSERSPROFILE%\Utimaco\SafeGuard Enterprise\import

  5. Open Start | Run | CMD  and execute the tool "SGMcmdintn.exe" in the command line. After a successful import the XML-file disappears from the Import folder.

 

 


 
Wenn Sie weitere Informationen oder Unterstützung benötigen, wenden Sie sich bitte an den technischen Support.

Artikel bewerten

Ungenügend Hervorragend

Anmerkungen