HID Crescendo Integration User Manual
Page 46
Crescendo Integration Guide
47A3-905, A.1
Microsoft Windows Server 2003
Page 46 of 54
© 2008 HID Global Corporation. All rights reserved
December 1, 2008
Smart card removal
4.2.4
The GINA component (installed as part of the HID Crescendo C700 middleware) provides additional
functionality with regard to smart card removal at log off / lock. When the user locks the computer or logs off,
an audible and visual signal indicates to remove the card from the reader. The following dialog displays:
Figure 52: SafeSign GINA: Remove token
Unless the user removes their token, they are not logged off or the computer does not lock.
To force the user to remove the card while locking the workstation or logging off, modify the registry key
with the following values. Under DWORD DenyLockIfCardPresent / DenyLogoffIfCardPresent, change the
values to 1 in the registry key [HKEY_LOCAL_MACHINE\SOFTWARE\A.E.T. Europe B.V.\SafeSign\2.0\
GINA]. By default, these values are zero and the user can lock the computer while leaving the card in the
reader.
At logon time, unlock a token of which the PIN is blocked (section
) and change the transport PIN of a
token that has a transport PIN (section
Unlock PIN
4.2.5
When the PIN is locked, you may unlock the PIN at logon. After entering the (locked) PIN at the Windows
logon prompt, a dialog informs you that the token is locked, asking if you wish to unlock the token.
note: Unlock the PIN in two ways: with PUK or secure off-line PIN unlock mechanism (if implemented). If the
token can only be unlocked by the PUK, the following dialog appears:
Figure 53: unlock pin
Enter the PUK for the token and a new PIN to unlock the token