Step 1 - Create Batch File
It will be required to create a batch file which will contain the details of the users who the smart card tokens will be batch issued for.
If a Microsoft CA is used then the users Distinguished Name (DN) will need to be used. The format of the file in this case would be as in example below:
# A comment if required CN=Alice Burke,OU=CMS Users,DC=versasec,DC=com CN=Bob Ward,OU=test2,DC=versasec,DC=com |
The file needs to be saved as UTF-8 encoding format. From Notepad, for example, it is possible to specify the encoding format that the file will be saved as.
If an Entrust CA is used and the Entrust CA mechanism where a Reference number and Authorization code is used then the values for the Reference number and Authorization code should be used. The format in this case would be as in example below:
# A comment if required Reference number: 12099327,Authorization code: DFTZ-MPRI-A6ZE Reference number: 12099328,Authorization code: 9UDE-EVWN-I9XR |
The file needs to be saved as UTF-8 encoding format. From Notepad, for example, it is possible to specify the encoding format that the file will be saved as.
Step 2 - Batch Issue Smart Card Tokens
1. From the Lifecycle page and with the smart card tokens that are to be issued attached (either as multiple connected smart card readers or in a card feeder for a card printer) select the card template that is to be used from the drop-down list, click the Issued oval and click the Batch button.
2. Enter the operator PIN code when prompted.
3. Enable the Select manually radio button if it is required to manually select the user one-by-one from the user directory during the issuance process or Enable the Take from input file radio button if it is required to use a preconfigured batch file as described in Step 1 above. Click the Browse and select the preconfigured batch file.
4. If during a previous batch issuance the issuance failed for some reason and did not complete all of the smart card issuance a pending file will be automatically created with the records of the users who failed to get issued originally. If such a file was generated it will be possible to enable the Take from pending batch radio button and select the pending file to be used in this case.
5. The number of records will be listed in the window indicating how many smart card tokens are to be batch issued.
6. In the Printer Options section enable the Run until card feeder is empty check box if you want the batch issuance to run until all smart card tokens in the card feeder is empty. Enter the number of smart card tokens that should be issued in the Maximum cards to process field. Enable the Preview before start if it is required to perform a print preview before actually issuing and printing the smart card token. This can be useful so as not to lose any smart cards during the printing process if the print preview shows that some card data is missing for a particular user.
7. If multiple smart card readers are used for batch issuance then the number of connected smart card reader with inserted cards will be listed in the Smart Card Reader(s) section.
8. Click the Configure button to view additional information about the attached readers. This can be useful if you need to verify the state that the connected smart cards are in before performing the actual issuance. In this example, the connected smart cards are in an unregistered state, i.e. they are blank smart card tokens. For example, you may have a smart card connected that has already been issued on the system which would then show up as Issued in the Card Status cell. You could then remove this smart card and insert another smart card or you could disable the checkbox which would result in this record being skipped during the issuance process.
9. On clicking the Start button the issuance flow will begin. This will take several minutes depending on the number of smart cards that need to be issued. A status dialog will appear informing the operator at what stage the batch issuance is at.
10. At the end of the batch issuance a summary dialog will be displayed. Enable the Show batch result details checkbox and click Ok to view a more detailed summary of the batch issuance.
11. Select a record from the table and click the Result button to see more details on what operations were performed.
12. The summary details can be useful when investigating why a smart card token failed to be successfully issued.
Step 3 - Verify Card Issuance
Once the smart cards have been issued it will be necessary to identify which smart cards have been issued to which users. It is recommended to use one reader and connect each smart card token one-by-one and from the Lifecycle page you can see who the smart card was issued to. This validation would be necessary when multiple smart card readers are used to batch issue.