Manual
Table Of Contents
- Preface
- Chapter 1. Overview
- Chapter 2. Installation
- Chapter 3. Working with Client Security Solution
- Chapter 4. Working with ThinkVantage Fingerprint Software
- Chapter 5. Working with Lenovo Fingerprint Software
- Chapter 6. Best Practices
- Deployment examples for installing Client Security Solution
- Switching Client Security Solution modes
- Corporate Active Directory rollout
- Standalone Install for CD or script files
- System Update
- System Migration Assistant
- Generating a certificate using key generation in the TPM
- Using USB fingerprint keyboards with 2008 ThinkPad notebook computer models (R400/R500/T400/T500/W500/X200/X301)
- Appendix A. Special considerations for using the Lenovo Fingerprint Keyboard with some ThinkPad notebook models
- Appendix B. Synchronizing password in Client Security Solution after the Windows password is reset
- Appendix C. Using Client Security Solution on a reinstalled Windows operating system
- Appendix D. Using the TPM on ThinkPad notebook computers
- Appendix E. Notices
- Glossary
Table10.ThinkVantage\ClientSecuritySolution\AuthenticationPolicies\PKCS#11Signature\CustomMode
FieldsCSS.ADM
Modiableeld
Required
FieldDescription
Controlswhetherpasswordorpassphraseisrequired.
Possiblevalues•Enabled
–Everytime
–Onceperlogon
•Disabled
•Notcongured
Settingsandpoliciesforthengerprintreaderauthentication
Enforcedngerprintbypassoption
Thengerprintbypassoptionenablesausertobypassthengerprintauthenticationanduseawindows
passwordtologon.TheusercanselectordeselectthisoptiononthePasswordManageruserinterface
whenaddinganewentry.
However,bydefault,thengerprintbypassisenabledevenifthisoptionisnotselected.Thisistoallowthe
usertologontoWindowswhenthengerprintsensorisnotfunctional.Todisabletheenforcedngerprint
bypassoption,editthefollowingregistrykey:
[HKEY_LOCAL_MACHINE\SOFTWARE\Lenovo\ClientSecuritySolution\CSSConguration]
"GinaDenyLogonDeviceNonEnrolled"=dword:00000001
Whentheregistrykeyissetasabove,theusercannotbypassngerprintauthenticationwhenthengerprint
sensorisnotworking.
Fingerprintswiperesult
Duringthengerprintauthentication,thebelowpolicycontrolsthedisplayofngerprintswiperesults.
HKLM\Lenovo\TVTCommon\ClientSecuritySolution\FPSwipeResult
•FPSwipeResult=0:Showallmessages.
•FPSwipeResult=1:Showfailuremessagesonly(defaultvalue).
•FPSwipeResult=2:Donotshowanymessages.
Command-linetools
ThinkVantageTechnologiesfeaturescanalsobeimplementedlocallyorremotelybycorporateIT
administratorsthroughthecommand-lineinterface.Congurationsettingscanbemaintainedthrough
remotetextlesettings.
ClientSecuritySolutionhasthefollowingcommand-linetools:
•“SecurityAdvisor”onpage35
•“ClientSecuritySolutionsetupwizard”onpage36
•“Deploymentleencryptordecrypttool”onpage36
•“Deploymentleprocessingtool”onpage37
•“TPMENABLE.EXE”onpage37
34ClientSecuritySolution8.3DeploymentGuide