Smart Card Auto-Update

ActivClient provides an Automatic Smart Card Update feature.

For a full description of the Smart Card Auto-Update feature, see Auto-Update with ActivID CMS.

The tasks in this section describe the ActivClient auto-update policy settings that you can configure.

Important: Restart Workstation

For the Smart Card Auto-Update policy changes to be applied, you must restart the workstation.

Prerequisites:

The Smart Card Auto-Update is only available if smart card discovery information caching is enabled (that is, if Disable smart card discovery information caching is not configured or disabled).

CMS MDIDC Timeout (in Seconds)

Description:

Defines the maximum time (in seconds) allocated to perform a smart card update using CMS My Digital ID Card. When this timeout is reached, the process running the browser is terminated.

If this setting is not configured or disabled, then the timeout is set to 600 seconds.

Possible Values:

  • Not Configured

  • Enabled – displays the default value, 600, and can be updated

  • Disabled

CMS Server URL

Description:

Defines the connection URL for the ActivID CMS server (see the ActivID CMS documentation). The port number must be included in the URL.

Example: http://cms.mycompany.com:89898

If this setting is not configured or disabled, then no automatic update check is performed on card insertion.

Possible Values:

  • Not Configured

  • Enabled – enter the ActivID CMS server URL

  • Disabled

CMS Synchronization Manager Timeout (in Seconds)

Description:

Defines the maximum time (in seconds) allocated to check with ActivID CMS if smart card updates are available.

If this setting is not configured or disabled, then the timeout is set to 5 seconds.

A value of zero (0) means there is no client timeout, in which case the client timeout is determined by the server settings.

Possible Values:

  • Not Configured

  • Enabled – displays the default value, 5, and can be updated

  • Disabled

Enable Card Auto-Update

Description:

Defines if ActivClient will automatically check if inserted smart cards can be updated with card content updates available in the ActivID CMS. The smart card update process starts if updates are available.

If this card auto-update is enabled, then the ActivID CMS server URL must be specified for ActivClient to perform the Auto-update check.

Possible Values:

  • Not Configured

  • Enabled

  • Disabled

Frequency of Update (in Days)

Description:

Defines the interval (in days) between checks for smart card updates.

If this setting is not configured or disabled, then the update frequency is set to 7 days.

Possible Values:

  • Not Configured

  • Enabled – displays the default value, 7, and can be updated

  • Disabled

Maximum Delay for Card Update Check After Card Insertion

Description:

Defines how long (in minutes) ActivClient waits after card insertion before it contacts ActivID CMS to determine if smart card updates are available. This delay is a random value – between 0 and the maximum delay defined in this setting (in minutes).

Recommended values are between 1 and 10.

If this setting is not configured or disabled, then the delay is set to 5 minutes.

Possible Values:

  • Not Configured

  • Enabled – displays the default value, 5, and can be updated

  • Disabled

Maximum Delay for Card Update Check After Windows Logon

Description:

Defines how long (in minutes) ActivClient waits after Microsoft Windows logon before it contacts ActivID CMS to determine if smart card updates are available.

To spread the requests received by ActivID CMS, this delay is a random value – between 0 and the maximum delay defined in this setting (in minutes).

Recommended values are between 5 and 120.

If this setting is not configured or disabled, then the delay is set to 120 minutes.

Possible Values:

  • Not Configured

  • Enabled – displays the default value, 120, and can be updated

  • Disabled

Maximum Number of CMS MDIDC Card Update Retries

Description:

Defines the maximum number of attempts to update the smart card and check the synchronization result after the CMS MDIDC timeout expires.

Number of attempts should be between 0 and 10.

If this setting is not configured, 2 attempts are configured. By enabling this setting, the number of attempts can be updated. If this setting is disabled, this means that no retry is executed. This is equivalent to setting the number of retries to 0.

Possible Values:

  • Not Configured

  • Enabled – displays the default value, 2, and can be updated

  • Disabled

Maximum Number of CMS Synchronization Manager Retries

Description:

Defines the maximum number of attempts to connect to the CMS Synchronization Manager after timeout.

If this setting is not configured or disabled, the number of attempts is set to 2.

Possible Values:

  • Not Configured

  • Enabled – displays the default value, 2, and can be updated

  • Disabled