Trusted platform module support – Lenovo ThinkVantage Client Security Solution 8.3 User Manual

Page 12

background image

Table 1. Public properties

Property

Description

EMULATIONMODE

Specify to force the installation in Emulation mode even if
a TPM exists. Set EMULATIONMODE=1 on the command
line to install in Emulation mode.

HALTIFTPMDISABLED

If the TPM is in a disabled state and the installation
is running in silent mode, the default is for the
installation to proceed in emulation mode. Use the
HALTIFTPMDISABLED=1 property when running the
installation in silent mode to halt the installation if the
TPM is disabled.

NOCSSWIZARD

Set NOCSSWIZARD=1 on the command line to prevent
the Client Security Solution enrollment dialog from being
displayed automatically after installing Client Security
Solution. This property is configured for an administrator
who wants to install Client Security Solution, but use
scripting later when configuring the system.

CSS_CONFIG_SCRIPT

Set CSS_CONFIG_SCRIPT=“filename” or “filename
password” to have a configuration file run after the user
completes the install and reboots.

SUPERVISORPW

Set SUPERVISORPW=“password” on the command line
to supply the supervisor password to enable the chip in
silent or non-silent install mode. If the chip is disabled
and the installation is running in silent mode, the correct
supervisor password must be supplied to enable the chip,
otherwise the chip is not enabled.

PWMGRMODE

Set PWMGRMODE=1 on the command line to install
Password Manager only.

NOSTARTMENU

Set NOSTARTMENU=1 on the command line to prevent
generating shortcut in the start menu.

CREATESHORTCUT

Set CREATESHORTCUT=1 on the command line to add
an entry into the Start Menu.

Trusted Platform Module support

Client Security Solution 8.3 includes support for the computer embedded security chip, the Trusted Platform
Module (TPM). If your Lenovo computer includes a TPM supported by the Windows operating system, Client
Security Solution will use the drivers integrated with the Windows operating system.

It might require a reboot to enable the TPM, as the TPM is enabled by the system BIOS. If your are running
Windows 7, you may be asked to confirm whether to enable the TPM during system startup.

Before any functions can be carried out by the Trusted Platform Module, ownership must first be initialized.
Each system will have one Client Security Solution administrator that will control the Client Security Solution
options. This administrator must have Windows administrator privileges. The administrator can be initialized
using XML deployment scripts.

After ownership of the system is configured, each additional Windows user that logs into the system is
automatically prompted with the Client Security Setup wizard in order to enroll and initialize the user’s
security keys and credentials.

6

Client Security Solution 8.3Deployment Guide