Installing the HID Authentication Device Client

The HID Authentication Device Client is a lightweight client application adding support for authenticating to the DigitalPersona Identity Server using fingerprint and PKI Smart Card credentials.

It does not have a graphical or command line interface and has no other features in common with the other DigitalPersona clients.

For a description of HID Authentication Device Client features, see Using the HID Authentication Device Client.

Prerequisites

Before installing the HID Authentication Device Client on a computer, make sure it meets the system requirements and prerequisites, and that you have Administrative Rights on the computer.

Deployment Considerations

If your environment includes more than one installation of DigitalPersona LDS Server, and if those servers are not part of the same AD LDS configuration set, then your DigitalPersona LDS Authentication Device Clients should be part of an OU where you can create a GPO defining the specific AD LDS instance name where the DigitalPersona LDS Server is hosted.

See the AD LDS instance name setting.

Upgrading from Previous Versions

Detailed information about upgrading and migrating existing deployments is available in the Upgrade Notes provided in the Documentation folder of the DigitalPersona LDS package.

Compatibility

This version of HID Authentication Device Client is compatible with the following DigitalPersona products:

Note: It cannot be installed on a computer with any other Altus or DigitalPersona products.

Install HID Authentication Device Client Locally

  1. Launch the installer from the HID Authentication Device Client folder of the product package:

    • Run Setup.exe from the HID Authentication Device Client folder of the product package.

    • Or, for silent mode, enter setup.exe /s /v” /qn” at the command line.

  2. When the Welcome page displays, click Next to proceed with the installation.

  3. Read the License Agreement page. If you agree, select the I accept the terms in the license agreement button and click Next.

  4. On the next page, you can specify the folder that HID Authentication Device Client will be installed in. If you want to install it to the default location, click Next.

    Otherwise, click Change to specify a new location and then click Next to continue.

  5. Click Next and then Install, to begin the installation.

  6. When installation is complete, a final page displays. Click Finish.

For a description of HID Authentication Device Client features, see Using the HID Authentication Device Client.

Install HID Authentication Device Client Remotely

The installer for the HID Authentication Device Client uses Microsoft Windows Installer (MSI) technology, which allows administrators to remotely install or uninstall the software using Active Directory administration tools, or other software deployment tools.

Note:  
  • This installer is only compatible with program distribution (installation or uninstallation) to computers.

  • Some steps will vary depending on the operating system version.

  • It cannot be used for program distribution to users.

  1. For mixed 32- and 64-bit environments, copy the entire contents of the HID Authentication Device Client folder to a network share.

  2. (Optional) To install only to a specific OU, create a Group Policy Object (GPO) that will be used to distribute the software package.

  3. Install any prerequisites (see System Requirements) on the target computers.

  4. Assign the package:

    1. Start the Group Policy Management snap-in from the Windows Server Manager, Tools menu, selecting Group Policy Management.

    2. In the Group Policy Management tree, under the appropriate domain, right-click Default Domain Policy and choose Edit from the context menu. This will launch the Group Policy Management Editor.

    3. In the Group Policy Management Editor, open Computer Configuration, Policies, Software Settings, Software installation.

    4. Right-click Software installation and select New, Package from the context menu.

    5. In the Open dialog box, type the full Universal Naming Convention (UNC) path of the shared installer package that you want. For example, \\file server\share\file name.msi.

      Important: Do NOT use the Browse button to access the location. Make sure that you use the UNC path of the shared installer package.
    6. Click Open.

    7. In the Deploy Software dialog, click Assigned, and then click OK.

      The package is created and listed in the right panel of the Group Policy Management Editor window.

    8. For 32-bit installation packages only:

      1. Right-click the package and select Properties.

      2. On the Deployment tab, click Advanced.

      3. Deselect the Make this 32-bit X86 application available on Win64 machines checkbox.

        Note: If this checkbox remains selected, the application will not install.
  5. Installation will begin on each client during the first reboot after the computer obtains the deployment policy (that is, during the next scheduled AD policy refresh or as a result of running GPUPDATE\FORCE on the local computer).

Install HID Authentication Device Client Patches Remotely

The installer for the HID Authentication Device Client uses Microsoft Windows Installer (MSI) technology, which allows administrators to remotely install patches to software using Active Directory administration tools, or other software deployment tools.

Note:  
  • For mixed 32- and 64-bit environments, follow these steps twice - patching the administrative installation files for both environments.

  • This installer only works for computer-based policy installation, not user-based.

  • The following steps assume that an administrative installation package has been created as described in Install HID Authentication Device Client Remotely.

  • Some steps will vary depending on the operating system version.

  1. Update the installation package by opening a command prompt session and type the following command to patch the previously created installation package:

    Copy
    msiexec.exe /a [path\name of original MSI file]
    msiexec.exe /p [path\name of updated MSP file]\ /a [path\name of administrative installation file]
  2. Redeploy the application:

    1. Start the Group Policy Management snap-in - from the Windows Server Manager Tools menu, select Group Policy Management.

    2. Right-click the GPO that governs the computers you want to update and select Edit. This will launch the Group Policy Management Editor.

    3. In the Group Policy Management Editor, navigate to Computer Configuration/Policies/Software Settings/Software Installation.

    4. Right-click the previously deployed DigitalPersona client software package and select All Tasks\Redeploy application. Confirm your intent to redeploy the application.

  3. Installation will begin on each client during the first reboot after the computer obtains the deployment policy (that is, during the next scheduled AD policy refresh or as a result of running GPUPDATE\FORCE on the local computer).

Install HID Authentication Device Client using the Command Line

The HID Authentication Device Client can also be installed or uninstalled using MSI at the command line.

The syntax of the msiexec command is shown below and is followed by a description of the command line options, parameters and values available:

Copy
msiexec /i setup.msi [INSTALLDIR=”<directory>”] [ADDLOCAL=<software>] [BIOMETRICDATA=<location>] [REMOVE=<software>] [TRANSFORMS=<list of transform files>] [/qn] [other MSIEXEC options]

Command Line Options

Options Description

/i

(Required) Indicates that MSI will be used to install the DigitalPersona software.

It must be followed by the full pathname to the setup.msi file.

/qn

(Optional) Hides the user interface when installing the software on the computer, allowing a “silent install.”

If used, it is placed at the end of the command line.

Parameters

The following parameters can indicate where the software should be installed on the computer and what components should be included or removed.

Parameters Description

INSTALLDIR

(Optional) Specifies the location where the HID Authentication Device Client software should be installed. If a folder is not specified, the software will be installed in the following directory - C:\Program Files\DigitalPersona

Uninstall the HID Authentication Device Client

You can remove HID Authentication Device Client using the Add or Remove Programs option in the Control Panel or through MSI.

In the Control Panel, the software is listed as HID Authentication Device Client.

You must have local administrative privileges to modify or uninstall the HID Authentication Device Client.