User's Manual
Table Of Contents
- ePass2003
- User Guide
- Chapter 1 RunTime Installation
- Chapter 2 ePass2003 Token Manager
- Chapter 3 Windows PIN Management
- 3.1 Overview
- 3.2 EnterSafe Minidriver PIN Management for Windows
- 3.2.1 Changing a User PIN
- 3.2.2 Unblocking EnterSafe Minideriver
- 3.2.2.1 Example Unblock Procedure
- 3.2.2.2 Unblocking a Smart Card with Windows 2000, XP or Server 2003
- 3.2.2.3 Unblocking a Smart Card with Windows Vista, 2008 and Windows 7
- 3.2.2.3.1 Enabling Unblock Card with Windows Vista, 2008 and Windows 7
- 3.2.2.3.2 Unblocking a Smart Card with Windows Vista, 2008 and Windows 7
- 3.2.2.4 Administrator Tools for Card Unblock
- Appendix: Terms and Abbreviations
ePass2003 User Guide
Figure 48 Secure Desktop – Smart Card Unblock
3.2.2.4 Administrator Tools for Card Unblock
The Smart Card Unblock procedure requires the administrator to be able to calculate the Response to a Challenge
provided by the smart card of any end users that he/she is responsible for. This in turn means that the
administrator shall:
1.
Know or somehow have access to, the administrative key values for all smart cards in use.
2.
Have access to a Triple DES tool to calculate the Response based on the Challenge and the
administrative key of a given user’s smart card.
None of the Windows operating systems provide any means for administrators to handle the secure back-end
storage of the user’s smart cards Administrative keys, nor do they provide a back-end tool to calculate the
response to a challenge.
These features will be commonly provided by any commercial Base CSP compliant Card Management System
(CMS), including Microsoft’s Identity Lifecycle Manager (ILM).
Copyright © Feitian Technologies Co., Ltd.
Website: www.FTsafe.com
37