Transcription
SafeNet NetworkLogonVersion 8.2 Revision AUser’s Guide 1
Copyright 2013 SafeNet, Inc. All rights reserved.All attempts have been made to make the information in this document complete and accurate.SafeNet, Inc. is not responsible for any direct or indirect damages or loss of business resulting from inaccuracies or omissions. The specificationscontained in this document are subject to change without notice.SafeNet and SafeNet Authentication Manager are either registered with the U.S. Patent and Trademark Office or are trademarks of SafeNet, Inc., and itssubsidiaries and affiliates, in the United States and other countries. All other trademarks referenced in this Manual are trademarks of their respectiveowners.SafeNet Hardware and/or Software products described in this document may be protected by one or more U.S. Patents, foreign patents, or pendingpatent applications.Please contact SafeNet Support for details of FCC Compliance, CE Compliance, and UL Notification.Date of publication: April 2013Last update: Sunday, March 24, 2013 7:10 pm 2
SupportWe work closely with our reseller partners to offer the best worldwide technical support services. Your reselleris the first line of support when you have questions about products and services. However, if you requireadditional assistance you can contact us directly at:TelephoneYou can call our help-desk 24 hours a day, seven days a week:USA: 1-800-545-6608International: 1-410-931-7520EmailYou can send a question to the technical support team at the following email address:support@safenet-inc.comWebsiteYou can submit a question through the SafeNet Support portal: http://c3.safenet-inc.com/secure.aspAdditional DocumentationThe following SafeNet publications are available: SafeNet Network Logon 8.2 User’s Guide (this document) SafeNet Network Logon 8.2 Administrator’s Guide SafeNet Network Logon 8.2 Customer Release Notes 3
Table of ContentsChapter 1: SafeNet Network Logon Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7SafeNet Network Logon Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8New Features in SafeNet Network Logon 8.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9SafeNet Network Logon Authentication Credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10SafeNet Network Logon Using OTP Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12SafeNet Network Logon Temp OTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14Chapter 2: Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Installation Programs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Windows Installer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Package Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Installation Program List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Upgrading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Upgrade Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21Chapter 3: Installation and Upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Running the Windows Installer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24Running the Package Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27SafeNet Network Logon User’s Guide, Revision A, 2013 SafeNet, Inc. 4
Chapter 4: Using the SafeNet Network Logon Profile Wizard . . . . . . . . . . . . . . . . . 30Network Logon Profile Creation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Creating a Network Logon Profile on a Token . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32Modifying a Profile on a Token . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43Deleting a Profile from a Token . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52Chapter 5: SafeNet Network Logon in Windows XP and 2003 . . . . . . . . . . . . . . . . . 59Launching the SafeNet Network Logon Profile Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60Changing the Windows Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63Synchronizing an OTP Token. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64Logging On with an OTP Passcode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68Logging On with a Network Logon Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71Logging On with a Smartcard Certificate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73Choosing between Network Logon and Smartcard Certificate Logon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74Logging On When Your Token Is Lost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75Unlocking a Non-iKey Token When You Forgot Its Token Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79Unlocking an iKey Token When You Forgot Its Token Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82Chapter 6: SafeNet Network Logon in Windows Vista and Later . . . . . . . . . . . . . . . 83Launching the SafeNet Network Logon Profile Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84Changing the Windows Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86SafeNet Network Logon User’s Guide, Revision A, 2013 SafeNet, Inc. 5
Synchronizing an OTP Token. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87Logging On with a Network Logon Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Logging On to a Network Resource . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90Logging On with an OTP Passcode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93Logging On with a Smartcard Certificate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95Choosing between Network Logon and Smartcard Certificate Logon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96Logging On When You Have Lost Your Token . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97Unlocking a Token When You Forgot Its Token Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100SafeNet Network Logon User’s Guide, Revision A, 2013 SafeNet, Inc. 6
1SafeNet Network LogonOverviewSafeNet Network Logon identifies and authenticates a user to the network or to a local computer usinginformation stored on, or generated by, the user’s token.In this chapter: SafeNet Network Logon Features New Features in SafeNet Network Logon 8.2 SafeNet Network Logon Authentication Credentials SafeNet Network Logon Using OTP Authentication SafeNet Network Logon Temp OTP1. SafeNet Network Logon Overview /SafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 7
SafeNet Network Logon FeaturesSafeNet Network Logon offers the following features: Stores network logon credentials on a token Communicates with the Microsoft Password Credentials mechanism Provides strong two-factor authentication by requiring both a token and its password With SafeNet Authentication Manager (SAM), supports user authentication using an OTPpasscode, with or without an OTP PIN/Windows Password Supports storage and management of multiple user profiles on one token Supports generation of random network logon passwords Supports domain password change procedures Supports domain logon and local computer logon with a certificate or OTP1. SafeNet Network Logon Overview / SafeNet Network Logon FeaturesSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 8
New Features in SafeNet Network Logon 8.2The following features have been introduced in SafeNet Network Logon 8.2: Support for Windows 8 and Windows Server 2012 operating systems Support for domain-independent profiles that can authenticate users to any domain “Default profile on token” setting Improved integration with the Evidian eSSO solution Support for use of .\local user and local password in the OTP file Support for a requirement for two-factor authentication on initial logon, while allowing theunlocking of a logged-on terminal with username and Windows password only, without requiringOTP Improved interface behavior: the OTP tile is hidden when performing a local logon and the Tokentile is hidden when performing an RDP logon1. SafeNet Network Logon Overview / New Features in SafeNet Network Logon 8.2SafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 9
SafeNet Network Logon Authentication CredentialsSafeNet Network Logon identifies and authenticates a user to the network or to a local computer usingany of the following: Authentication credentials stored on the user’s token An OTP passcode generated on the user’s token1. SafeNet Network Logon Overview / SafeNet Network Logon Authentication CredentialsSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 10
Authentication MethodNetwork Logon profileAuthentication CredentialsCommentsAll of the following:Requires SafeNet Authentication Client tobe installed. User name Domain to which the user belongs Domain passwordSmartcard logon certificateCertificate stored on the tokenOTP User nameOTP passcodeUser’s OTP PIN (optional)User’s Windows password(optional)We recommend using SafeNet Authentication Manager (SAM) and its Connector forMicrosoft CA to create smartcard logoncertificates on tokens.See SafeNet Network Logon Using OTPAuthentication on page 12.Requires all of the following: SafeNet Authentication Manager (SAM)to be installed. SafeNet Authentication Client to beinstalled (not required for Windows 8 orWindows Server 2012) SAM Connector for OTP Authenticationto be configured. SafeNet Network Logon OTP Settings tobe configured. See the SafeNet NetworkLogon Administrator’s Guide.1. SafeNet Network Logon Overview / SafeNet Network Logon Authentication CredentialsSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 11
SafeNet Network Logon Using OTP AuthenticationOTP authentication is an authentication solution in which the token and the SafeNet AuthenticationManager (SAM) server share a unique algorithm used to generate a sequence of One-Time Passwords.To authenticate using OTP passcodes, the user enters the One-Time Password (OTP) generated ontheir token as part of the authentication procedure.OTP authentication ensures a high level of security. OTP behavior is configured in the web serviceslocated on the SafeNet Authentication Manager server, and in OTP plug-ins.The SAM Connector for OTP Authentication can be configured to enable Network Logon using OTPauthentication.Depending on the connector settings and the SafeNet Network Logon settings: SafeNet Network Logon users can log on to their domain using a One-Time Password (OTPpasscode) generated on their enrolled device. In addition to the OTP passcode, users may be required to enter their OTP PIN and/or theirWindows password. Network Logon using OTP may be enabled even when the computer is offline and the OTPauthentication server is not available.NOTE To use OTP authentication while the computer is offline, the user must have logged on successfully in online modeat least once.1. SafeNet Network Logon Overview / SafeNet Network Logon Using OTP AuthenticationSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 12
To configure the Connector for OTP Authentication, see the SafeNet Authentication ManagerAdministrator’s Guide.NOTES SafeNet Network Logon using OTP is restricted to domain authentication, and cannot authenticate the user to otherapplications, such as OWA. (For OWA authentication, use the SafeNet OTP solution for OWA.) OTP authentication to multiple domains requires a different OTP token for each domain. Only one OTP token can beassigned to the user for each domain. The term ‘OTP’ is also referred to as ‘OTP passcode’ throughout the application.1. SafeNet Network Logon Overview / SafeNet Network Logon Using OTP AuthenticationSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 13
SafeNet Network Logon Temp OTPIf a user’s token is lost or damaged, and temporarily cannot be replaced, the user can request a TempOTP (temporary OTP passcode value) to replace the token’s OTP function. A Temp OTP is a static valueprovided to a user for temporary use until an OTP generating device is available. Since its value doesnot change, it provides only a low level of security. A Temp OTP is valid for a limited time.Depending on the options available in your SafeNet Authentication Manager configuration, you may beable to use a Temp OTP when your OTP token is not available.To use a Temp OTP:1If your token is lost or damaged and temporarily cannot be replaced, request a Temp OTP.NOTEYou can request a Temp OTP using the SafeNet Authentication Manager’s Self Service Center or Rescue Center, orcontact your administrator.A Temp OTP is issued to you for a limited time. Record the Temp OTP value in a safe place.2Authenticate using your Temp OTP instead of a token-generated OTP passcode.NOTEOffline OTP authentication is not allowed using Temp OTP.1. SafeNet Network Logon Overview / SafeNet Network Logon Temp OTPSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 14
To switch from Temp OTP to token-based OTP:1When your OTP token is available again, use the OTP passcode generated on your token toauthenticate while connected to the SAM server (online mode).2After successful OTP authentication in online mode, you can authenticate using your OTP token inboth offline and online mode.3Temp OTP usage is now disabled by the Network Logon client.1. SafeNet Network Logon Overview / SafeNet Network Logon Temp OTPSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 15
2Installation OverviewThis chapter describes the SafeNet Network Logon 8.2 installation programs.In this chapter: Installation Programs Upgrading2. Installation Overview /SafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 16
Installation ProgramsSafeNet Network Logon must be installed on each user’s computer using one of the followinginstallation methods: Windows Installer Package InstallationWindows InstallerThe Windows Installer (.msi file) installs SafeNet Network Logon 8.2 only if SafeNet AuthenticationClient is already installed.NOTEFor OTP-only authentication in Windows 8 and Windows Server 2012 environments, SafeNet Authentication Client is notrequired.Package InstallationThe package installation (.exe file) installs or upgrades two programs: SafeNet Network Logon 8.2 SafeNet Authentication Client 8.22. Installation Overview / Installation ProgramsSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 17
The simplest way to install or upgrade to SafeNet Network Logon 8.2 is to use the packageinstallation. This installs SafeNet Network Logon 8.2 properly in all of the following situations: No middleware is yet installed (both 32-bit and 64-bit) SafeNet Authentication Client is installed (both 32-bit and 64-bit) eToken PKI Client 5.1 or later is installed (both 32-bit and 64-bit) eToken Network Logon 5.1 is installedInstallation Program ListSelect the appropriate Windows Installer (.msi) or installation package (.exe) from the following table.2. Installation Overview / Installation ProgramsSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 18
Installation ProgramOperating 32-bit systems:Windows InstallerWindows XP / Server 2003 Upgrades from eToken Network Logon 5.1 Installs SafeNet Network Logon 8.2 For environments earlier than Windows 8,requires SafeNet Authentication Client 8.0SP2 or later to be already installed For Windows Server 2012, requires SafeNetAuthentication Client 8.2 or later to bealready installed For Windows 8: For authentication other than OTP,requires SafeNet Authentication Client 8.2or later to be already installed For OTP-only authentication, does notrequire SafeNet Authentication Client to tNetworkLogon-Vistax32-8.2.msi64-bit systems:Windows XP / Server 2003 / Server2003 R232-bit systems:Windows Vista / Server 2008 / 7 /864-bit s Vista / Server 2008 /Server 2008 R2 / 7 / 8 / Server2012See Windows Installer on page 17.Package Installation32-bit and 64-bit systems:SafeNetNetworkLogonPackage-8.2.exeWindows XP / Server 2003 / Server2003 R2 / Vista / Server 2008 /Server 2008 R2 / 7 / 8 / Server20122. Installation Overview / Installation ProgramsSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. Upgrades from eToken Network Logon 5.1 Upgrades from SafeNet Authentication Clientor eToken PKI Client 5.1 or later Installs SafeNet Network Logon 8.2 andSafeNet Authentication Client 8.2.See Package Installation on page 17. 19
UpgradingUpgrading to SafeNet Network Logon 8.2 is supported from eToken Network Logon version 5.1.During upgrade, if a version of eToken PKI Client earlier than 4.55 is identified on the computer, theinstallation will stop. If this occurs, you must uninstall eToken PKI Client.The upgrade procedures required will depend on the current applications installed on the computer.NOTEIf eToken SSO is installed, the upgrade to SafeNet Network Logon 8.2 is not supported. Contact SafeNet Support beforeinstalling SafeNet Network Logon 8.2.2. Installation Overview / UpgradingSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 20
Upgrade ScenariosProgramInstalled versionPrerequisites for installing SafeNet NetworkLogon 8.2Windows Installer (msi)Package (exe)Install SafeNet AuthenticationClient 8.2(none)SafeNet AuthenticationClient8.0 SP2 or laterNote: Not required for OTPonly authentication inWindows 8 or Windows Server2012.For Windows 8 or WindowsServer 2012, upgrade toSafeNet Authentication Client8.2NoneNoneFor all other systems, none8.2 or laterNoneNoneEarlier than 8.0 SP2 but notearlier than eToken PKIClient 5.1Upgrade to SafeNet Authentication Client 8.2NoneEarlier than eToken PKIClient 5.12. Installation Overview / UpgradingSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc.Uninstall, and upgrade to SafeNet Authentication Client 8.2 21
Program (Cont.)Installed versionPrerequisites for installing SafeNet NetworkLogon 8.2 (Cont.)Windows Installer (msi)NoneNone5.1NoneUninstall eToken NetworkLogoneToken Network LogonEarlier than 5.1eToken SSOPackage (exe)Any2. Installation Overview / UpgradingSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc.Log on with user name/password to upgrade to SafeNetAuthentication Client 8.2NoneContact SafeNet Support 22
3Installation and UpgradeThis chapter describes the wizard installation of, and upgrade to, SafeNet Network Logon 8.2.In this chapter: Running the Windows Installer Running the Package Installation3. Installation and Upgrade /SafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 23
Running the Windows InstallerUse the SafeNet Network Logon Installation Wizard to upgrade or install the application.The properties that can be set using the Windows Installer are: Interface language: the language in which the application’s user interface is displayed SafeNet Network Logon features: which features to install User Name and Password Logon Smartcard Logon SafeNet Network Profile Logon OTP LogonNOTES If the installation fails, restart your computer, and run the installation again. Ensure that all legacy eToken Properties or SafeNet Authentication Client Tools applications are closed before upgrading,installing, or uninstalling SafeNet Authentication Client.To install or upgrade via the Windows Installer:1Log on as an administrator.2Close all applications.3Double-click the appropriate .msi file. See Running the Windows Installer on page 24.The SafeNet Network Logon Installation Wizard opens.3. Installation and Upgrade / Running the Windows InstallerSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 24
4Click Next.The License Agreement is displayed.5Read the license agreement, and select the option, I accept the license agreement.6Click Next.The Interface Language window is displayed.7From the dropdown list, select the language in which the SafeNet Network Logon screens willappear.8Click Next.The Destination Folder window opens, displaying the folder in which the application will beinstalled.9Click Next.The Installation Type window opens.10 Select one of the following: Typical - Installs all SafeNet Network Logon features Custom - Enables you to select which SafeNet Network Logon features to install11 Click Next.12 If you selected Custom, the Select Features window opens.Select any combination of the following SafeNet Network Logon features, and click Next:3. Installation and Upgrade / Running the Windows InstallerSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 25
User Name and Password Logon Smartcard Logon SafeNet Network Profile Logon SafeNet OTP Logon13 The installation proceeds.When the installation is complete, a confirmation message is displayed.14 Click Finish to complete the installation.15 You may be required to restart your system.NOTEIf a message is displayed to restart your system, it is recommended that you do so immediately after the installationcompletes.3. Installation and Upgrade / Running the Windows InstallerSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 26
Running the Package InstallationSee Package Installation on page 17.NOTES If the installation fails, restart your computer, and run the installation again. Ensure that all legacy eToken Properties or SafeNet Authentication Client Tools applications are closed before upgrading,installing, or uninstalling SafeNet Authentication Client.To install or upgrade via the package installation:1Log on as an administrator.2Close all applications.3Double-click the .exe appropriate file. See Running the Windows Installer on page 24.The SafeNet Network Logon Installation Wizard opens.4Click Next.The License Agreement is displayed.5Read the license agreement, and select the option, I accept the license agreement.6Click Next.The Interface Language window is displayed.3. Installation and Upgrade / Running the Package InstallationSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 27
7From the dropdown list, select the language in which the SafeNet Network Logon screens willappear.8Click Next.The Destination Folder window opens, displaying the default installation folder.9If there are no other SafeNet Authentication applications or eToken legacy products, you can clickBrowse to select a different destination folder.This folder will be used as the installation library for all future SafeNet Authentication applications.NOTE If there has been no previous installation of an application from the SafeNet Authentication line of products, or aneToken legacy product, the default installation path is: C:\Program Files\SafeNet\Authentication. If an application from the SafeNet Authentication line of products, or an eToken legacy product, is alreadyinstalled, the destination folder cannot be changed.10 Click Install.The installation proceeds.When the installation is complete, a confirmation message is displayed.11 Do one of the following: Select Reboot now. Select I want to manually reboot later, and click Finish to complete the installation.3. Installation and Upgrade / Running the Package InstallationSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 28
.NOTEIt is recommended to reboot immediately after the installation completes.3. Installation and Upgrade / Running the Package InstallationSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 29
4Using the SafeNet NetworkLogon Profile WizardThis section describes how to use the SafeNet Network Logon Profile Wizard to manage NetworkLogon profiles on your token.In this chapter: Network Logon Profile Creation Overview Creating a Network Logon Profile on a Token Modifying a Profile on a Token Deleting a Profile from a Token4. Using the SafeNet Network Logon Profile Wizard /SafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 30
Network Logon Profile Creation OverviewIf SafeNet Authentication Manager (SAM) is installed in your organization, your administrator mayhave initialized your token with a Network Logon profile.If SafeNet Network Logon is installed and enabled, and your organization does not use SAM, you canuse the SafeNet Network Logon Profile Wizard to create Network Logon profiles.Depending on your organization, you may be authorized to create one or more Network Logon profileson your token.NOTEThe various options to create Network Logon profiles are available only if so configured in your organization.4. Using the SafeNet Network Logon Profile Wizard / Network Logon Profile Creation OverviewSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 31
Creating a Network Logon Profile on a TokenTo run the SafeNet Network Logon Profile Wizard:1Launch the SafeNet Network Logon Profile Wizard. See Launching the SafeNet Network Logon Profile Wizard on page 60 for Windowsenvironments earlier than Windows Vista (Windows XP and Windows Server 2003 / 2003 R2). See Launching the SafeNet Network Logon Profile Wizard on page 84 for Windows Vista andlater environments.The SafeNet Network Logon Profile Wizard opens.4. Using the SafeNet Network Logon Profile Wizard / Creating a Network Logon Profile on a TokenSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 32
2On the Welcome to the SafeNet Network Logon Profile Wizard window, click Next.3If more than one token is connected, the Token selection window opens.4. Using the SafeNet Network Logon Profile Wizard / Creating a Network Logon Profile on a TokenSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 33
From the dropdown list, select the appropriate token, and click Next.4If the token already contains at least one Network Logon profile, the Profile Selection windowopens.4. Using the SafeNet Network Logon Profile Wizard / Creating a Network Logon Profile on a TokenSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 34
Select Add a new profile, and click Next.5The Profile Information window opens.4. Using the SafeNet Network Logon Profile Wizard / Creating a Network Logon Profile on a TokenSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 35
6Enter a user name for the Network Logon profile.7From the dropdown list, select the network domain for which the Network Logon profile willauthenticate.NOTEDepending on your organization, you may be able to select Any domain, which allows the profile to authenticate toall domains. The domain name will appear as an asterisk (*).4. Using the SafeNet Network Logon Profile Wizard / Creating a Network Logon Profile on a TokenSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 36
8To set the new profile as the default profile for all future logons, select Use this new profile asthe token’s default logon profile.9Click Next.The Domain Password window opens.10 Complete the fields as follows, unless instructed differently by your system administrator:4. Using the SafeNet Network Logon Profile Wizard / Creating a Network Logon Profile on a TokenSafeNet Network Logon User’s Guide, 2013 SafeNet, Inc. 37
FieldDescriptionUse current domain passwordFor the profile to use your current domain password when authenticating,do the following:1. Select this option.2. Enter and confirm your password as it appears in the password directory.3. Do not complete any other fields in this window.Note: This option may be disabled in your organization.Create new domain passwordFor the profile to use a different domain password when authenticating, dothe following:1. Select this option.2. Complete the appropriate fields in this area.Current domain passwordIf you select Update domain password in directory, do one of the following: When creating a new profile, enter your password as it appears in thepassword directory. When updating an existing profile, do one of the following: Enter your password as it appears in the password directory. Select Read current domain password from token.Manual passwordTo set a static domain password, do the following:1. Select this option.2. Ent
The Windows Installer (.msi file) installs SafeNet Network Logon 8.2 only if SafeNet Authentication Client is already installed. Package Installation The package installation (.exe file) installs or upgrades two programs: SafeNet Network Logon 8.2 SafeNet Authentication Client 8.2 NOTE
