LDAP PIV Smart Card Support
ICE supports user authentication via PIV/CAC card through LDAP. When enabled, this feature enables authenticated users to log in with a smart card. On insertion of a smart card to a connected reader on the ICE Desktop host machine, ICE Desktop displays the Log in with Smart Card screen. This screen only appears when a smart card is connected.
PIV Card Support Requirements
A smart card reader attached to the ICE Desktop host machine.► The smart card reader must be able to read the inserted smart card.
The ICE Server must be configured to allow users to log in with a PIV card. Ensure the Login with PIV smart card selection is enabled in Settings > Organization.The user's ICE Server username must be CommonName@OrganizationalUnit where:► CommonName and OrganizationalUnit correspond with the fields of the same name on the user's PIV profile, which is read by the smart card reader.
► Multiple values for OrganizationalUnit are concatenated for the ICE Server username.
To enable ICE PIV card support
1. Navigate to Settings > Organization.
2. Enable Allow login with PIV card.
3. Click Save.
To login with a PIV smart card:
Note: The Login automatically selection does not apply to smart cards.
1. Launch ICE Desktop and enter your Server Address as normal.
2. Insert the smart card.
The Login with your Smart Card option appears.
The Login with your Smart Card option appears.
3. Enter your PIN and then click Login with Smart Card.