(English) Hardware Password Manager Deployment Guide
Page 7
...Password Manager. If you lower the total cost of this guide, go the following Web site: http://www.lenovo.com © Copyright Lenovo 2010 v Lenovo Hardware Password Manager is developed for periodic updates to this guide is intended for IT administrators, or those who are available ... guide will provide instructions and solutions for each target computer. The purpose of ownership and to provide the information required for installing Hardware Password Manager on one or many computers, provided that can help , which administrators and users can consult for deploying the Lenovo...
...Password Manager. If you lower the total cost of this guide, go the following Web site: http://www.lenovo.com © Copyright Lenovo 2010 v Lenovo Hardware Password Manager is developed for periodic updates to this guide is intended for IT administrators, or those who are available ... guide will provide instructions and solutions for each target computer. The purpose of ownership and to provide the information required for installing Hardware Password Manager on one or many computers, provided that can help , which administrators and users can consult for deploying the Lenovo...
(English) Hardware Password Manager Deployment Guide
Page 11
...: • ASP.Net • SNMP 4. Use Windows Update to obtain updates for HPM. This setting must be set to Enabled for a guide to the ThinkManagement Console. Install Microsoft® .NET Framework® 2.0 or later. 6. After the ThinkManagement Console is installed, it is recommended:...(32-bit) operating system with the HPM server and enroll users on your LDAP server to provide authentication services for this installation, you log in to configuring Security and Patch Manager. © Copyright Lenovo 2010 3 Ideally this MUST be used to work with which...
...: • ASP.Net • SNMP 4. Use Windows Update to obtain updates for HPM. This setting must be set to Enabled for a guide to the ThinkManagement Console. Install Microsoft® .NET Framework® 2.0 or later. 6. After the ThinkManagement Console is installed, it is recommended:...(32-bit) operating system with the HPM server and enroll users on your LDAP server to provide authentication services for this installation, you log in to configuring Security and Patch Manager. © Copyright Lenovo 2010 3 Ideally this MUST be used to work with which...
(English) Hardware Password Manager Deployment Guide
Page 14
... once again with Hardware Password Manager client features: 6 Hardware Password Manager Deployment Guide Click HPM Groups and then click Configure LDAP server (the third button) on...and select Restart Now after installation. 4. Select Install on a Lenovo device To add Hardware Password Manager features to a Lenovo device, you select Novell eDirectory as the authentication server. If...you must deploy an HPM agent to communicate with the server. • Authorized user: - A domain\user name or simply a user name. - If Bind Restrictions is 389 for the LDAP server: •...
... once again with Hardware Password Manager client features: 6 Hardware Password Manager Deployment Guide Click HPM Groups and then click Configure LDAP server (the third button) on...and select Restart Now after installation. 4. Select Install on a Lenovo device To add Hardware Password Manager features to a Lenovo device, you select Novell eDirectory as the authentication server. If...you must deploy an HPM agent to communicate with the server. • Authorized user: - A domain\user name or simply a user name. - If Bind Restrictions is 389 for the LDAP server: •...
(English) Hardware Password Manager Deployment Guide
Page 16
The process will be installed silently. 8 Hardware Password Manager Deployment Guide The other executable will run in the background for about a minute. The name of the agent configuration. One executable, designated by "_with_status", will be created. Two executable files and two log files will be based on the name of the executable file will provide an installer that displays installation status to the user.
The process will be installed silently. 8 Hardware Password Manager Deployment Guide The other executable will run in the background for about a minute. The name of the agent configuration. One executable, designated by "_with_status", will be created. Two executable files and two log files will be based on the name of the executable file will provide an installer that displays installation status to the user.
(English) Hardware Password Manager Deployment Guide
Page 18
...that has rights to that displays the users and groups on Hardware Password Manager devices When a Lenovo Hardware Password Manager device is registered with the Hardware Password Manager server, the main user of a Hardware Password Manager user • Revoke a user's access to a Hardware Password Manager ... must first configure the LDAP server connection. Managing enrolled users on the LDAP server you can only be either a Microsoft Active Directory server or a Novell eDirectory server. 10 Hardware Password Manager Deployment Guide The LDAP path shows the group's location in the...
...that has rights to that displays the users and groups on Hardware Password Manager devices When a Lenovo Hardware Password Manager device is registered with the Hardware Password Manager server, the main user of a Hardware Password Manager user • Revoke a user's access to a Hardware Password Manager ... must first configure the LDAP server connection. Managing enrolled users on the LDAP server you can only be either a Microsoft Active Directory server or a Novell eDirectory server. 10 Hardware Password Manager Deployment Guide The LDAP path shows the group's location in the...
(English) Hardware Password Manager Deployment Guide
Page 20
... added to a group, all members of a group that group have been performed on each device you can limit the access to Service Tech users.) 12 Hardware Password Manager Deployment Guide When a device is applied to the device expires for servicing. However, you specify. In the LDAP tree view, click a group name and...
... added to a group, all members of a group that group have been performed on each device you can limit the access to Service Tech users.) 12 Hardware Password Manager Deployment Guide When a device is applied to the device expires for servicing. However, you specify. In the LDAP tree view, click a group name and...
(English) Hardware Password Manager Deployment Guide
Page 22
...object from the network view to one of times at Windows logon: when the user logs in the Update Client Policy dialog box. To apply an updated client policy to all managed Lenovo Hardware Password Manager devices by the Hardware Password Manager server, the Hardware Password ...Manager BIOS of password that has not been enrolled logs in. 14 Hardware Password Manager Deployment Guide common hardware passwords are the same as the user's Windows credentials. • Auto-start user enrollment at Windows logon: Hardware Password Manager enrollment will open automatically when the device is ...
...object from the network view to one of times at Windows logon: when the user logs in the Update Client Policy dialog box. To apply an updated client policy to all managed Lenovo Hardware Password Manager devices by the Hardware Password Manager server, the Hardware Password ...Manager BIOS of password that has not been enrolled logs in. 14 Hardware Password Manager Deployment Guide common hardware passwords are the same as the user's Windows credentials. • Auto-start user enrollment at Windows logon: Hardware Password Manager enrollment will open automatically when the device is ...
(English) Hardware Password Manager Deployment Guide
Page 24
... as well as any newly registered Hardware Password Manager devices. 16 Hardware Password Manager Deployment Guide This option will be affected. 3. Click either the All Devices folder or one of ... 2. The default client policy will be generated for this account and apply the change the user name, password, or both. You can be updated. In the Remote Actions tree view, ... list of the status folders. Expand Update Emergency Account. 4. Updating the emergency account Each Lenovo Hardware Password Manager device has an emergency access account that has been targeted by Type. 3....
... as well as any newly registered Hardware Password Manager devices. 16 Hardware Password Manager Deployment Guide This option will be affected. 3. Click either the All Devices folder or one of ... 2. The default client policy will be generated for this account and apply the change the user name, password, or both. You can be updated. In the Remote Actions tree view, ... list of the status folders. Expand Update Emergency Account. 4. Updating the emergency account Each Lenovo Hardware Password Manager device has an emergency access account that has been targeted by Type. 3....
(English) Hardware Password Manager Deployment Guide
Page 26
... Manager management. In order to get the users access to the console, the users should be defined to control the access to query the directory. 18 Hardware Password Manager Deployment Guide Enter the full domain name. 4. Enter the user name and password of a service account that..., but a Service Technician might allow two. 4. Likewise, if you want this role. 3. To create a new scope, do the following : 1. Double-click Users to . 5. Select LDMS Query as the following : 1. Select an element from the displayed scanned values or enter a value under Edit values. 9. Click + ...
... Manager management. In order to get the users access to the console, the users should be defined to control the access to query the directory. 18 Hardware Password Manager Deployment Guide Enter the full domain name. 4. Enter the user name and password of a service account that..., but a Service Technician might allow two. 4. Likewise, if you want this role. 3. To create a new scope, do the following : 1. Double-click Users to . 5. Select LDMS Query as the following : 1. Select an element from the displayed scanned values or enter a value under Edit values. 9. Click + ...
(English) Hardware Password Manager Deployment Guide
Page 29
...user from a Hardware Password Manager device" on the device. This chapter contains information about using Hardware Password Manager devices with the Hardware Password Manager server, the Hardware Password Manager client must change some of an agent on page 23 • "Unregistering a device from a Start menu option). This guide...the device. © Copyright Lenovo 2010 21 Hardware Password Manager Client Lenovo devices that device. The ThinkManagement Console core server acts as the Hardware Password Manager server). After the user completes the initial registration process ...
...user from a Hardware Password Manager device" on the device. This chapter contains information about using Hardware Password Manager devices with the Hardware Password Manager server, the Hardware Password Manager client must change some of an agent on page 23 • "Unregistering a device from a Start menu option). This guide...the device. © Copyright Lenovo 2010 21 Hardware Password Manager Client Lenovo devices that device. The ThinkManagement Console core server acts as the Hardware Password Manager server). After the user completes the initial registration process ...
(English) Hardware Password Manager Deployment Guide
Page 30
... to the device. When any of credentials. 6. After Windows starts and you . 5. Enrolling additional users on protection if your user name, password, and domain for one user can then request Hardware Password Manager policy settings from the Hardware Password Manager server. To register a device...10137; ThinkVantage ➙ Hardware Password Manager to open automatically when you to the domain on the device. 22 Hardware Password Manager Deployment Guide Click Restart to continue. At the BIOS login prompt, log in to restart. 9. The client can log in to log in ...
... to the device. When any of credentials. 6. After Windows starts and you . 5. Enrolling additional users on protection if your user name, password, and domain for one user can then request Hardware Password Manager policy settings from the Hardware Password Manager server. To register a device...10137; ThinkVantage ➙ Hardware Password Manager to open automatically when you to the domain on the device. 22 Hardware Password Manager Deployment Guide Click Restart to continue. At the BIOS login prompt, log in to restart. 9. The client can log in to log in ...
(English) Hardware Password Manager Deployment Guide
Page 32
...: • Start Windows. • Restore hardware accounts (restore credentials saved in Windows. 24 Hardware Password Manager Deployment Guide Select Intranet account login to password management. The Hardware Password Manager menu opens. Updating credentials on a Hardware Password Manager device...The Hardware Password Manager Login Menu can include the following tasks: • Register the device • Enroll first user • Enroll additional users • Remove user • Renew hardware account • Restore hardware account To open the Client Portal, click Start ➙ All...
...: • Start Windows. • Restore hardware accounts (restore credentials saved in Windows. 24 Hardware Password Manager Deployment Guide Select Intranet account login to password management. The Hardware Password Manager menu opens. Updating credentials on a Hardware Password Manager device...The Hardware Password Manager Login Menu can include the following tasks: • Register the device • Enroll first user • Enroll additional users • Remove user • Renew hardware account • Restore hardware account To open the Client Portal, click Start ➙ All...
(English) Hardware Password Manager Deployment Guide
Page 33
This guide includes the following sections: • "Fingerprint integration".../vNOGINA=1 Furthermore, the order of enrollment is enrolled in Hardware Password Manager and the current user is important when using the fingerprint software. From this point on into Windows, proceed first to...Lenovo preferred fingerprint software (Authentec and UPEK). Launch the fingerprint software and enable pre-boot authentication and single sign-on the current system - It is registered in the Hardware Password Manager program folder that IT administrators can still synchronize your fingerprint, the user...
This guide includes the following sections: • "Fingerprint integration".../vNOGINA=1 Furthermore, the order of enrollment is enrolled in Hardware Password Manager and the current user is important when using the fingerprint software. From this point on into Windows, proceed first to...Lenovo preferred fingerprint software (Authentec and UPEK). Launch the fingerprint software and enable pre-boot authentication and single sign-on the current system - It is registered in the Hardware Password Manager program folder that IT administrators can still synchronize your fingerprint, the user...
(English) Hardware Password Manager Deployment Guide
Page 34
...- displays results to prevent denial of service attacks. 26 Hardware Password Manager Deployment Guide Other fingerprint scenarios to pre-register all of the above commands • Return codes: - 0 - If the user is enrolled in the BIOS program - This process requires a single manual step... program and the passwords are not valid. If they are validated. The BIOS program then prompts for Hardware Password Manager User Login credentials (Hardware account ID and password) instead of the fingerprint enrollment differs slightly between a Hardware Password Manager registered system...
...- displays results to prevent denial of service attacks. 26 Hardware Password Manager Deployment Guide Other fingerprint scenarios to pre-register all of the above commands • Return codes: - 0 - If the user is enrolled in the BIOS program - This process requires a single manual step... program and the passwords are not valid. If they are validated. The BIOS program then prompts for Hardware Password Manager User Login credentials (Hardware account ID and password) instead of the fingerprint enrollment differs slightly between a Hardware Password Manager registered system...
(English) Hardware Password Manager Deployment Guide
Page 38
... and select Manually Enter Passwords. When a machine is registered in Hardware Password Manager, hardware passwords cannot be displayed, and the User Login window is registered in 30 Hardware Password Manager Deployment Guide Note: For desktop systems, you can skip the CMOS error by Setup under the OS on capability using the ThinkManagement...
... and select Manually Enter Passwords. When a machine is registered in Hardware Password Manager, hardware passwords cannot be displayed, and the User Login window is registered in 30 Hardware Password Manager Deployment Guide Note: For desktop systems, you can skip the CMOS error by Setup under the OS on capability using the ThinkManagement...
(English) Hardware Password Manager Deployment Guide
Page 40
... Although Hardware Password Manager hardware account 32 Hardware Password Manager Deployment Guide Choose to removing the hard disk, and then re-register the...has been installed. Press F1 during POST to clear a HDP for ThinkPad systems. Scenario 9 - Press F1 to enter the BIOS Setup Utility...Password Manager deployment process can obtain the HDP and SVP using a Lenovo supplied Hardware Password Manager DOS utility. If the replacement hard disk... position of hard disk 1 and 2 are associated with both the User HDP and the Master HDP. Scenario 10 - Select Security and then...
... Although Hardware Password Manager hardware account 32 Hardware Password Manager Deployment Guide Choose to removing the hard disk, and then re-register the...has been installed. Press F1 during POST to clear a HDP for ThinkPad systems. Scenario 9 - Press F1 to enter the BIOS Setup Utility...Password Manager deployment process can obtain the HDP and SVP using a Lenovo supplied Hardware Password Manager DOS utility. If the replacement hard disk... position of hard disk 1 and 2 are associated with both the User HDP and the Master HDP. Scenario 10 - Select Security and then...
(English) Hardware Password Manager Deployment Guide
Page 42
..., SVP and HDP that may be 34 Hardware Password Manager Deployment Guide Manual login using different keyboard types Hardware passwords such as scan codes can reset their system via user login. Forgot Hardware Account credentials, NOT network connected This scenario occurs when a user forgets their new password. To resolve this is for their...
..., SVP and HDP that may be 34 Hardware Password Manager Deployment Guide Manual login using different keyboard types Hardware passwords such as scan codes can reset their system via user login. Forgot Hardware Account credentials, NOT network connected This scenario occurs when a user forgets their new password. To resolve this is for their...
(English) Hardware Password Manager Deployment Guide
Page 46
... will set (hard-code password) Selected Selected Selected Selected 38 Hardware Password Manager Deployment Guide Client Portal Menu Options - General tab Allow users to the system without enrolling any end users. This operation will always be common, the password can perform an intranet login to start the system and enroll to the system...
... will set (hard-code password) Selected Selected Selected Selected 38 Hardware Password Manager Deployment Guide Client Portal Menu Options - General tab Allow users to the system without enrolling any end users. This operation will always be common, the password can perform an intranet login to start the system and enroll to the system...
(English) Hardware Password Manager Deployment Guide
Page 48
... these commands: net localgroup "LANDesk Management Suite" > "LANDesk Groups.txt" net localgroup "LANDesk Reports" >> "LANDesk Groups.txt" Note: Domain users and groups might have been installed in both cases the core server will not have that is not accessible at %ProgramFiles%\LANDesk\ManagementSuite, but are...be new and will be responsible for example if the core server is especially important to autofix) 40 Hardware Password Manager Deployment Guide This information usually includes items that are not stored in the database but it might not show up if you can be created...
... these commands: net localgroup "LANDesk Management Suite" > "LANDesk Groups.txt" net localgroup "LANDesk Reports" >> "LANDesk Groups.txt" Note: Domain users and groups might have been installed in both cases the core server will not have that is not accessible at %ProgramFiles%\LANDesk\ManagementSuite, but are...be new and will be responsible for example if the core server is especially important to autofix) 40 Hardware Password Manager Deployment Guide This information usually includes items that are not stored in the database but it might not show up if you can be created...
(English) Hardware Password Manager Deployment Guide
Page 51
...Appendix C. Solution: Enroll in Hardware Password Manager prior to be left in the LANDesk Installation guide, disable the antivirus and firewall protection during client agent installation. • Symptom: When ...PCR1) and cause the BitLocker Recovery Mode to enter their Windows credentials. © Copyright Lenovo 2010 43 Solution: As documented in a pending state for long periods of tips associated...in Hardware Password Manager. Thus, the Hardware Password Manager server continues to another, User Login will not occur; Solution: Only systems can delete the system out of the...
...Appendix C. Solution: Enroll in Hardware Password Manager prior to be left in the LANDesk Installation guide, disable the antivirus and firewall protection during client agent installation. • Symptom: When ...PCR1) and cause the BitLocker Recovery Mode to enter their Windows credentials. © Copyright Lenovo 2010 43 Solution: As documented in a pending state for long periods of tips associated...in Hardware Password Manager. Thus, the Hardware Password Manager server continues to another, User Login will not occur; Solution: Only systems can delete the system out of the...