Lenovo ThinkPad T400 (English) Hardware Password Manager Deployment Guide - Page 30

Enrolling additional users on a Hardware Password Manager device, Hardware Password Manager devices. - windows 10

Get Lenovo ThinkPad T400 PDF manuals and user guides View all Lenovo ThinkPad T400 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 30 highlights

When the client is installed, it communicates with the Hardware Password Manager server to authenticate the device. The client can then request Hardware Password Manager policy settings from the Hardware Password Manager server. The registration process is then completed when the user enters credentials for logging on to the device. For registration to occur, the device must be connected to the network on which the Hardware Password Manager server is located. The administrator has two options for initiating registration of Hardware Password Manager devices: • Registration is automatically started when the user logs on to Windows. For this option, the administrator selects the Auto-start registration at Windows logon option in the client policy that is applied to Hardware Password Manager devices. • The user opens the Client Portal to begin registration. To register a device with the Hardware Password Manager server and enroll a user: 1. Click Start ➙ All Programs ➙ ThinkVantage ➙ Hardware Password Manager to open the Client Portal. (If your administrator has set up auto-start, the portal will open automatically when you log in.) 2. Click Restart to restart the device. 3. After the BIOS loads, the HPM initialization process verifies that you want to continue with the registration. Press Enter to continue. After Windows starts and you log in, the Client Portal dialog box opens automatically. 4. Under Enter your Windows account, enter your user name and password for logging in to Windows. The user name you currently used to log in with should already be filled in for you. 5. Under Enter your Intranet Account, enter your user name, password, and domain for logging in to the domain on this device. Note: If the policy is set for the intranet account equals the Windows account, you will only be prompted for one set of credentials. 6. The Enter your Hardware Account window may pop up according to the server policy. Click Finish. 7. The system will automatically suspend and then resume. 8. After logging on to the desktop, it will prompt you to restart. 9. Click OK to restart the device. 10. At the BIOS login prompt, log in using your Windows credentials or hardware account credentials for the device. If you clear Enable First User enrolled on a machine as Administrator, the first enrolled user has user privilege in BIOS. If you select Enable First User enrolled on a machine as Administrator, the first enrolled user has administrator privilege in BIOS. Enrolling additional users on a Hardware Password Manager device More than one user can log in to a Hardware Password Manager device with single-sign-on protection if your administrator has enabled multiple users. When any of the enrolled users log in to the device, the Client Portal runs and they are automatically logged in to Windows. The following are required for enrolling additional users on a device: • In the client policy applied to the device, Allow multiple users to enroll on a single device must be selected. • For each additional user, an account must be created on the device. 22 Hardware Password Manager Deployment Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
When the client is installed, it communicates with the Hardware Password Manager server to authenticate
the device. The client can then request Hardware Password Manager policy settings from the Hardware
Password Manager server. The registration process is then completed when the user enters credentials
for logging on to the device.
For registration to occur, the device must be connected to the network on which the Hardware Password
Manager server is located.
The administrator has two options for initiating registration of Hardware Password Manager devices:
Registration is automatically started when the user logs on to Windows. For this option, the administrator
selects the
Auto-start registration at Windows logon
option in the client policy that is applied to
Hardware Password Manager devices.
The user opens the Client Portal to begin registration.
To register a device with the Hardware Password Manager server and enroll a user:
1. Click
Start
All Programs
ThinkVantage
Hardware Password Manager
to open the Client
Portal. (If your administrator has set up auto-start, the portal will open automatically when you log in.)
2. Click
Restart
to restart the device.
3. After the BIOS loads, the HPM initialization process verifies that you want to continue with the
registration. Press Enter to continue. After Windows starts and you log in, the
Client Portal
dialog box
opens automatically.
4. Under
Enter your Windows account
, enter your user name and password for logging in to Windows.
The user name you currently used to log in with should already be filled in for you.
5. Under
Enter your Intranet Account
, enter your user name, password, and domain for logging in to
the domain on this device.
Note:
If the policy is set for the intranet account equals the Windows account, you will only be
prompted for one set of credentials.
6. The Enter your Hardware Account window may pop up according to the server policy. Click
Finish
.
7. The system will automatically suspend and then resume.
8. After logging on to the desktop, it will prompt you to restart.
9. Click
OK
to restart the device.
10. At the BIOS login prompt, log in using your Windows credentials or hardware account credentials for
the device.
If you clear
Enable First User enrolled on a machine as Administrator
, the first enrolled user has user
privilege in BIOS. If you select
Enable First User enrolled on a machine as Administrator
, the first enrolled
user has administrator privilege in
Enrolling additional users on a Hardware Password Manager device
More than one user can log in to a Hardware Password Manager device with single-sign-on protection if your
administrator has enabled multiple users. When any of the enrolled users log in to the device, the Client
Portal runs and they are automatically logged in to Windows.
The following are required for enrolling additional users on a device:
In the client policy applied to the device,
Allow multiple users to enroll on a single device
must be
selected.
For each additional user, an account must be created on the device.
22
Hardware Password Manager Deployment Guide
BIOS.