Quick Start into ActivID ActivClient

Contents of the ActivID ActivClient Distribution

Folder Description

Product

Setup.exe - automatically detects the platform processor type 64-bit and installs ActivClient and its system prerequisites.
Digitally signed version of ActivClient setup: ActivID ActivClient x64 7.4.1.msi
Documentation https://docs.hidglobal.com/activid-activclient-v7.4.1/Default.htm
Admin

  • Unsigned versions of ActivClient setup

  • Administrative templates (ADMX and ADML)

  • Additional administrative utilities and samples
SDK

Content of the ActivClient SDK to leverage ActivClient middleware to build your own smart card-enabled applications.

Installation and Configuration

Installing

From the ActivClient distribution, run the setup.exe, and follow the Setup Wizard instructions for a typical (recommended) installation.

Configuring Use the ActivClient administrative templates in the Microsoft Management Console to define the Group Policy settings for local and domain users.

Getting Started with ActivID ActivClient

Smart Card Status Action

You have a blank smart card (not initialized, no PIN)

You must initialize your smart card.

You can download a certificate supporting PKI login.

You have a smart card with a PIN and a certificate or One-Time Password credentials

Your smart card is ready to use.

You can sign emails, access secure Web sites etc.

Generating One-Time Passwords

Automatically generate a One-Time Password

  1. Left or right-click on the ActivClient Agent icon in the Windows notification area and select Get One-Time Password.

  2. Paste the password into the authentication window.
Manually generate a One-Time Password (Challenge/Response)

  1. Either from the ActivClient User Console tasks pane, select Generate one-time password, or from the ActivClient User Console right pane, double-click the server’s icon.

  2. Select Manual (Challenge/Response) from the Type drop-down list.

  3. Locate the challenge on the application you are authenticating to and enter it in the Challenge field.

  4. Click Generate.

  5. Type (or copy and paste) the generated one-time password into the authentication window.

Using Digital Certificates

Log on to Windows with a certificate

In the Log On to Windows window, enter your smart card PIN.

After a few moments, you are logged on and your desktop is displayed.
Connect to a secure Web site

  1. Access the secure Web site using Microsoft Internet Explorer, Microsoft Edge, Google Chrome or Mozilla Firefox.

  2. In the Client Authentication dialog box, select a certificate on your smart card and enter your PIN.

  3. Your browser sends your certificate and a digital signature to the Web server. The Web server checks your signature and grants access to the secured site.

Send/read a digitally-signed email message with Microsoft Outlook

  • To send a signed message, compose a message and, from the Security properties, select the Add digital signature to this message option.

  • To read a signed message, select the message you want to read.

    The message is displayed with a secure message icon when the sender is successfully authenticated.

Send/read an encrypted email message with Microsoft Outlook

  • To send an encrypted message, compose a message and, from the Security properties, select the Encrypt Message Contents and Attachments option.

  • To read an encrypted message, select the message you want to read and when prompted, enter your PIN.

    The message is displayed along with the secure message icon showing the encryption status.

Encrypt/decrypt files

To encrypt a file:

  1. Right-click on the file to encrypt and select Properties, then Advanced.

  2. Select Encrypt contents to secure data.

  3. If it is the first file that you encrypt, select your encryption certificate.

To decrypt a file:

  1. Open the file to decrypt.

  2. Click on the EFS notification window and enter your PIN.

Managing Your Smart Card

View your smart card content

From the Start menu, go to the programs or apps directory, and select User Console under ActivID ActivClient.

You can view your smart card content, organized by credential type.
Change your PIN code (Note: The workstation must be in a domain.)

  1. From your Microsoft Windows desktop, press Ctrl+Alt+Del and then select Change a password.

  2. Enter your old PIN code and then enter and confirm your new PIN code. Use a PIN compliant with the PIN rules in place in your deployment.

  3. Click the arrow to apply the change.

If the Microsoft Windows password change dialog is displayed instead, select Other credentials or Sign-in options and then select the smart card tile labelled Smart card PIN change. Change your PIN code as described above.

Update Your Smart Card

If an update is available for your smart card, ActivClient might automatically prompt you to update your card using the ActivID CMS My Digital ID Card portal.

You can also manually check for updates:

  1. In the User Console, make sure the correct smart card reader is selected.

  2. From the Tools menu, select Advanced and then Check for card update.

  3. Follow the displayed instructions.
Unlock your smart card

You can unlock your smart card using ActivClient if allowed by your card configuration. Either:

  • Enter the Unlock Code that you recorded when you initialized your card, or contact your help desk to obtain the code, OR

  • Give your help desk the Challenge Code and then enter the Unlock Code that the help desk operator gives you.

Enter a new PIN, re-enter the new PIN in the Verify field, and click OK.

Troubleshooting

Run the ActivClient Advanced Diagnostics tool

  1. From the Start menu, go to the programs or apps directory, and select Advanced Diagnostics under ActivID ActivClient.

  2. Insert a smart card and click Diagnose.

  3. Send the diagnostic report to your help desk.

Enable logging

  1. From the ActivClient User Console, go to the Tools menu, select Advanced, and then Enable Logging.

  2. Gather the log files and send them to your help desk.