This document describes how to create a custom Active Directory certificate template on a Windows server and then configure the HYPR Workforce Access client application to use the certificate when a user registers or authenticates on a workstation. There are three main steps in this process:
Before you begin, verify that:
- Active Directory Certificate Services are deployed within the domain
- Your account on the Windows server has privileges to modify the Certificate Authority settings
- The HYPR Workforce Access client application is already installed on the workstation
- Log into the Windows server that performs the Certificate Authority role, either directly or via a remote desktop client.
- Open the Microsoft Management Console (MMC).
- In the console, select File>Add/Remove Snap-in…
- Add Certificate Templates to the list of selected snap-ins in the Console root.
- Open the Certificate Templates snap-in, right-click on the Smartcard User template, and select Duplicate Template.
- Change the name of the created certificate template (e.g. `HYPRMacOSAuthentication).
- On the Windows Server, open the Certification Authority console.
- In the left navigation pane, right-click on the machine name and select Properties.
- Go to the Policy Module tab, click the Properties... button, and make sure the "Follow the settings in the certificate template, if applicable. Otherwise, automatically issue the certificate" option is checked for Request Handling.
- Back in the left navigation pane, right-click on Certificate Templates and select New>Certificate Template to Issue.
- In the Enable Certificate Templates list, locate the HYPR certificate template you created above. Highlight the template name and click OK to publish it.
You will need to specify the name of the created certificate template in the
HyprOneService.plist file when the certificate template was created.
- Open the
CertificateTemplateto the name of your certificate template
- Save changes
- Restart the computer to apply changes
Updated 27 days ago