Step 1 - Create Batch File
It will be required to create a batch file which will contain the details of the users who the credential tokens will be batch issued for.
If a Microsoft CA is used then the users Distinguished Name (DN) will need to be used. The format of the file in this case would be as in example below:
| # A comment if required CN=Alice Burke,OU=CMS Users,DC=versasec,DC=com CN=Bob Ward,OU=test2,DC=versasec,DC=com |
The file needs to be saved as UTF-8 encoding format. From Notepad, for example, it is possible to specify the encoding format that the file will be saved as.
If an Entrust CA is used and the Entrust CA mechanism where a Reference number and Authorization code is used then the values for the Reference number and Authorization code should be used. The format in this case would be as in example below:
| # A comment if required Reference number: 12099327,Authorization code: DFTZ-MPRI-A6ZE Reference number: 12099328,Authorization code: 9UDE-EVWN-I9XR |
The file needs to be saved as UTF-8 encoding format. From Notepad, for example, it is possible to specify the encoding format that the file will be saved as.
Step 2 - Batch Issue Credential Tokens
1. From the Lifecycle page and with the credential tokens that are to be issued attached (either as multiple connected credential readers or in a credential feeder for a credential printer) select the credential template that is to be used from the drop-down list, click the Issued oval and click the Batch button.
2. Enter the operator PIN code when prompted.
3. Enable the Select manually radio button if it is required to manually select the user one-by-one from the user directory during the issuance process or Enable the Take from input file radio button if it is required to use a preconfigured batch file as described in Step 1 above. Click the Browse and select the preconfigured batch file.
4. If during a previous batch issuance the issuance failed for some reason and did not complete all of the credential issuance a pending file will be automatically created with the records of the users who failed to get issued originally. If such a file was generated it will be possible to enable the Take from pending batch radio button and select the pending file to be used in this case.
5. The number of records will be listed in the window indicating how many credential tokens are to be batch issued.
6. In the Printer Options section enable the Run until credential feeder is empty check box if you want the batch issuance to run until all credential tokens in the credential feeder is empty. Enter the number of credential tokens that should be issued in the Maximum credentials to process field. Enable the Preview before start if it is required to perform a print preview before actually issuing and printing the credential token. This can be useful so as not to lose any credentials during the printing process if the print preview shows that some credential data is missing for a particular user.
7. If multiple credential readers are used for batch issuance then the number of connected credential reader with inserted credentials will be listed in the Credential Reader(s) section.
8. Click the Configure button to view additional information about the attached readers. This can be useful if you need to verify the state that the connected credentials are in before performing the actual issuance. In this example, the connected credentials are in an unregistered state, i.e. they are blank credential tokens. For example, you may have a credential connected that has already been issued on the system which would then show up as Issued in the Credential Status cell. You could then remove this credential and insert another credential or you could disable the checkbox which would result in this record being skipped during the issuance process.
9. On clicking the Start button the issuance flow will begin. This will take several minutes depending on the number of credentials that need to be issued. A status dialog will appear informing the operator at what stage the batch issuance is at.
10. At the end of the batch issuance a summary dialog will be displayed. Enable the Show batch result details checkbox and click Ok to view a more detailed summary of the batch issuance.
11. Select a record from the table and click the Result button to see more details on what operations were performed.
12. The summary details can be useful when investigating why a credential token failed to be successfully issued.
Step 3 - Verify Credential Issuance
Once the credentials have been issued it will be necessary to identify which credentials have been issued to which users. It is recommended to use one reader and connect each credential token one-by-one and from the Lifecycle page you can see who the credential was issued to. This validation would be necessary when multiple credential readers are used to batch issue.