Configure PIV smart card authentication 编辑

This article lists the configuration required on the Director Server and in Active Directory to enable the smart card authentication feature.

Note:

Smart card authentication is supported only for users from the same Active Directory domain.

Director server configuration

Perform the following configuration steps on the Director server:

  1. Install and enable the Client Certificate Mapping Authentication. Follow the Client Certificate Mapping authentication using Active Directory instructions in the Microsoft document, Client Certificate Mapping Authentication.

  2. Disable Forms Authentication on the Director site.

    Start IIS Manager.

    Go to Sites > Default Web Site > Director.

    Select Authentication.

    Right-click Forms Authentication, and select Disable.

    Disable forms authentication

  3. Configure the Director URL for the more secure https protocol (instead of HTTP) for client certificate authentication.

    1. Start IIS Manager.

    2. Go to Sites > Default Web Site > Director.

    3. Select SSL Settings.

    4. Select Require SSL and Client certificates > Require.

    SSL settings

  4. Update web.config. Open the web.config file (available in c:\inetpub\wwwroot\Director) using a text editor.

Under the <system.webServer> parent element, add the following snippet as the first child element:

<defaultDocument>
   <files>
       <add value="LogOn.aspx"/>
   </files>
</defaultDocument>

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:69 次

字数:2686

最后编辑:6 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文