System migration assistant, Requirements, Requesting certificate from the server – Lenovo ThinkVantage (Client Security Solution 8.21) User Manual

Page 66

Advertising
background image

2. Over install all three different versions of older software (Rescue and Recovery 1.0/2.0/3.0, Fingerprint,

Client Security Solution 5.4–6, FFE). Settings should be kept when installing the new version over
the old version.

System Migration Assistant

Migrate from T40 with Client Security Solution 7.0 to a T60 with Client Security Solution 8.21.

Generating a certificate using key generation in the TPM

Certificates can be generated directly by using Client Security CSP, and the private keys in the certificates
are generated and protected by the TPM. To request a certificate using Client Security Solution CSP,
complete the following steps:

Requirements:

• The server machine should have the following installed:

– Windows 2003 Enterprise or above

– Active Directory

– Certificate Authority service

• The client machine should meet the following requirements

– TPM enabled

– Client Security Solution installed

Requesting certificate from the Server

Creating template for TPM user

To create template for TMP user, complete the following procedure as below:

1. Click Start Run.

2. Type mmc and click OK. The console window displays.

3. From the File menu, click Add/Remove Snap-in, and then click Add. The Add Standalone snap-in

window displays

4. Double-click Certification Authority in the snap-in list, and click Close.

5. Click OK in the Add/Remove Snap-in window.

6. Click Certificate Templates from the console tree. All of the certificate templates are displayed

in the left pane.

7. Click Action Duplicate Template.

8. In the Display Name field, typeTPM User.

9. Click the Request Handling tab, and click CSPs. Make sure to select Requests can use any CSP

available on the subject's computers.

10. Click the General tab. Make sure that Publish Certificate in Active Directory is selected.

11. Click the Security tab, in the Group or user names list, click Authenticated Users and make sure

Enroll is selected in the Permissions for Authenticated Users.

Configuring an enterprise certification authority

To issue the TPM User certificate by configuring an enterprise certification authority, complete the following
procedure as below:

60

Client Security Solution 8.21Deployment Guide

Advertising
Popular Brands
Popular manuals