How to interpret the tables
Connection
| Value |
Description |
| USB |
The token connects through a USB port. |
| Smart Card |
The token is a Smart Card that you have to insert in a supported reader, which FRP can read. |
| Biometric |
A biometric reader, such as a fingerprint reader. |
Integration Type
| Value |
Description |
| Stored Value |
The information needed to authenticate a user is stored on the token itself. |
| PKI |
The certificate is in a PKI store, such as Active Directory, and used to initialize the token by the ePO extension. |
| Self-Init |
The certificate is not located in a PKI store. The product initializes the token when the Smart Card is first presented to the user, during authentication. The ePO extension would not have seen the card or certificate before it is used for the first time. |
Token Smart Card Standards
| Value |
Description |
| CAC |
The Common Access Card (CAC) is a United States Department of Defense (DoD) Smart Card. It is issued as a:
- Standard identification for active duty military personnel
- Reserve personnel
- Civilian employees
- Other non-DoD government employees
- State employees of the National Guard
- Eligible contractor personnel.
|
| PIV |
Federal Information Processing Standard Publication 201 (FIPS 201) is a United States federal government standard that specifies Personal Identity Verification (PIV) requirements for federal employees and contractors. |
How to configure and use tokens with FRP
See the FRP product guide for your product version to configure and use tokens.
To view known issues with tokens, see
KB85807 - File and Removable Media Protection 5.x Known Issues.
Supported Tokens with FRP
| Brand |
Type |
Connection |
Integration Type |
Notes/Token Type from Policy |
Support Included |
| ATOS (Siemens) |
CardOS 5.3 |
Smart Card |
PKI
Self-Int |
Siemens CardOS PKI Smart Card |
FRP 5.0.4 and later |
| CardOS 4.4 |
Smart Card |
PKI
Self-Int |
Siemens CardOS PKI Smart Card |
FRP 5.0.4 and later |
FAQs
What version of middleware is required?
Customers who want to use the Smart Card at the Windows logon must install the middleware for Windows to support the Smart Card in use.
If my token is not in the list, is it still supported?
Generally, if a token is not listed in this document, it is unsupported.
The following applies:
- To request support for a new token, submit a product idea. Product ideas are directed to Product Management. For details, see the Related Information section.
- When a combination of a supported reader and a supported token is not working as expected, contact Technical Support to investigate. For details, see the Related Information section.
What happens if my token is in the supported list, but the token does not work?
The following occurs after you contact support:
- A Service Request (SR) for the issue is opened.
- Technical Support reviews the way your environment is configured.
- Technical Support conducts further research to investigate the issue if your environment matches the required settings.
- As a possible outcome, Technical Support might request that you submit a product idea (see the Related Information section below).
