Lenovo ThinkVantage Client Security Solution 8.3 User Manual
Page 69
3. From the File menu, click Add/Remove Snap-in, and then click Add. The Add Standalone snap-in
window displays.
4. Double-click Certification Authority in the snap-in list, and click Close.
5. Click OK in the Add/Remove Snap-in window.
6. Click Certificate Templates from the console tree. All of the certificate templates are displayed
in the left pane.
7. Click Action ➙ Duplicate Template.
8. In the Display Name field, type TPM User.
9. Click the Request Handling tab, and click CSPs. Be sure to select Requests can use any CSP
available on the subject's computers.
10. Click the General tab. Make sure that Publish Certificate in Active Directory is selected.
11. Click the Security tab, in the Group or user names list, click Authenticated Users and make sure
Enroll is selected in the Permissions for Authenticated Users option.
Configuring an enterprise certification authority
To issue the TPM User certificate by configuring an enterprise certification authority, complete the following
procedure:
1. Open Certification Authority.
2. In the console tree, click Certificate Templates.
3. From the Action menu, click New ➙ Certificate to Issue.
4. Click TPM and click OK.
Applying certificate from the Client
To apply the certificate from the Client, complete the following procedure:
1. Connect to the Intranet, start Internet Explorer, and type in the IP address of the server where CA
service is installed.
2. Input your domain user name and password in the prompt window.
3. Click Request a certificate under Select a task.
4. Click advanced certificate request at the bottom of the Web page.
5. On the Advanced Certificate Request page, change the following settings:
• Select TPM User from the Certificate Template drop-down list.
• Select ThinkVantage Client Security Solution CSP from the CSP drop-down list.
• Make sure the Mark keys as exportable is not selected.
• Click Submit and follow the process.
• On the Certificate Issued page, click Install this certificate. The Certificate Installed page is
displayed.
Using USB fingerprint keyboards with 2008 ThinkPad notebook computer
models (R400/R500/T400/T500/W500/X200/X301)
Lenovo contracts with two vendors to provide fingerprint authentication in ThinkPad
®
notebook computer
models and USB keyboards. ThinkPad notebook computer models prior to 2008 (for example, T61) use
ThinkVantage fingerprint sensors. 2008 ThinkPad notebook computer models (starting with T400) use
Lenovo fingerprint sensors. All Lenovo USB fingerprint keyboards use ThinkVantage fingerprint sensors.
Special considerations are required if the fingerprint keyboard is used on some ThinkPad notebook models
(for example, ThinkPad T400 with an external USB keyboard).
Chapter 6
.
Best Practices
63