HID OMNIKEY reader integration - Security Center | HID

Applies to
Security Center | HID
Last updated
2022-07-18
Content type
Guides > Installation guides
Language
English (United States)
Product
Security Center

About HID OMNIKEY reader integration

Learn how to modify the OmnikeyReadersConfiguration.gconfig file to correctly configure an HID OMNIKEY reader with your devices.

About the OmnikeyReadersConfiguration.gconfig file

The OmnikeyReadersConfiguration.gconfig file is found in your Security Center installation folder. The default path is C:\Program Files (x86)\Genetec Security Center 5.x. If the file is empty or not found, or if the detected reader is not part of the configuration file, the default CardType is set to iCLASS.

Configuration overview

Finding the name of an HID OMNIKEY reader

When updating the OmnikeyReadersConfiguration.gconfig file to configure an HID OMNIKEY reader, you must use the name of the reader as the ModelFamily value. You can find the reader name in the HID OMNIKEY Workbench tool.

Procedure

  1. Download and install the latest HID OMNIKEY Workbench tool from the Drivers and Downloads page of the HID website at https://www.hidglobal.com/drivers.
  2. Connect the HID OMNIKEY reader, and then do the following in the HID OMNIKEY Workbench:
    HID OMNIKEY Workbench tool displaying reader settings with the name of the reader highlighted.
    1. From the side menu, click the Readers tab.
      The Available Readers list is displayed.
    2. Select a reader from the list, and then click the Reader settings tab.
    3. Confirm that the Operating mode is set to CCID.
      NOTE: If the reader is in KBW mode (keyboard wedge mode), you must switch it back to CCID mode. For more information, see the HID OMNIKEY reader documentation.
    The name of the reader is displayed at the top of the page. This is the name you must use as the ModelFamily value in the OmnikeyReadersConfiguration.gconfig file.

After you finish

Copy the name and use it to update the OmnikeyReadersConfiguration.gconfig file.

Supported credential technology with HID OMNIKEY readers and Security Center

The HID OMNIKEY reader integration with Security Center supports different credential technologies.

The following credential technologies and HID OMNIKEY readers are supported:
Model Description Contactless low frequency Contactless high frequency
OK5022 Contactless high frequency smart card reader.  
  • HID iCLASS
OK5422 Dual-interface smart card reader.  
  • HID iCLASS
  • PIV2
OK5427 Dual-frequency keyboard emulation smart card reader.
  • HID Prox 125 kHz1
  • HID iCLASS
  • HID iCLASS Seos
  • CSN MIFARE, MIFARE DESFire3
  • PACS data MIFARE, MIFARE DESFire3, 4

1 ATR mode must be set to PROX_WIEGAND_RAW.

2 FASC-N, GUID, GSA.

3 For more information, see the HID OMNIKEY 5427 User Guide.

4 The tool for loading the keys onto the reader is available in the OMNIKEY 5427CK Development Toolkit (DTK).

Configuration for HID Prox credentials

To read Prox credentials, the OmnikeyReadersConfiguration.gconfig file must contain specific lines of code.

The configuration file must contain the following lines of code:
<?xml version="1.0" encoding="utf-8" ?>

<Readers>

  <Reader ModelFamily="[Reader name from HID OMNIKEY Workbench]">

    <SupportedCards>

      <Card Type="Prox" Bits="26"/>

    </SupportedCards>

  </Reader>

</Readers>

The number of bits depends on the card used.

To read Prox credential with multiple bit lengths, for example, 26 and 48 bits, the configuration file must contain the following lines of code:
<?xml version="1.0" encoding="utf-8" ?>

<Readers>

  <Reader ModelFamily="[Reader name from HID OMNIKEY Workbench]">

    <SupportedCards>

      <Card Type="Prox" Bits="48"/>

      <Card Type="Prox" Bits="26"/>

    </SupportedCards>

  </Reader>

</Readers>
NOTE: To read Prox cards with an OMNIKEY 5427 reader, the ATR Mode reader setting must be changed using the OMNIKEY 5427 web-based management tool:
  1. In a web browser, enter http://192.168.63.99.
  2. Click Contactless Config > Prox Config.
  3. Change ATR Mode to PROX_WIEGAND_RAW.
  4. Navigate to the System Config page, and then click Apply changes.

Configuration for HID iCLASS and iCLASS Seos CSN credentials

For HID OMNIKEY readers to read serial numbers instead of card numbers, the OmnikeyReadersConfiguration.gconfig file must contain specific lines of code.

NOTE: The configuration file is optional for reading iCLASS and iCLASS Seos credentials because the CardType is set to iCLASS by default.
The configuration file must contain the following lines of code:
<?xml version="1.0" encoding="utf-8" ?>

<Readers>

  <Reader ModelFamily="[Reader name from HID OMNIKEY Workbench]" ReadSerialNumber="True"/>

</Readers>

The default value for the ReadSerialNumber attribute is False if not provided, if the reader is not part of the file, or if the configuration file is missing.

Configuration for HID Prox and iCLASS credentials

To read Prox credentials and the serial numbers of iCLASS credentials, the OmnikeyReadersConfiguration.gconfig file must contain specific lines of code.

The configuration file must contain the following lines of code:
<?xml version="1.0" encoding="utf-8" ?>

<Readers>

  <Reader ModelFamily="[Reader name from HID OMNIKEY Workbench]">

    <SupportedCards>

      <Card Type="Prox" Bits="26"/>

    </SupportedCards>

  </Reader>

  <Reader ModelFamily="[Reader name from HID OMNIKEY Workbench]" ReadSerialNumber="True"/>

</Readers>
NOTE: To read Prox and iCLASS credentials, your configuration file does not need to contain the iCLASS information because it is there by default:
<?xml version="1.0" encoding="utf-8" ?>

<Readers>

  <Reader ModelFamily="[Reader name from HID OMNIKEY Workbench]">

    <SupportedCards>

      <Card Type="Prox" Bits="26"/>

    </SupportedCards>

  </Reader>

</Readers>

Configuration for HID iCLASS and pivCLASS credentials with OMNIKEY 5422 readers

To read iCLASS and pivCLASS credentials using an OMNIKEY 5422 reader, Security Center 5.10.1 or later is required, and the OmnikeyReadersConfiguration.gconfig file must contain specific lines of code.

The configuration file must contain the following lines of code:
<?xml version="1.0" encoding="utf-8" ?>

<Readers>

  <Reader ModelFamily="[Reader name from HID OMNIKEY Workbench]">
     
    <SupportedCards>
          
      <Card Type="iClass"/>

      ...
      
      ADD PIV CONFIGURATION HERE
      
      ...

    </SupportedCards>

  </Reader>
                
</Readers>
You can add the following configurations:
  • <Card Type="PIV" Bits="75"/>

    Generates FASC-N 75-bit format credential (GSA standard).

  • <Card Type="PIV" Bits="200"/>

    Generates FASC-N 200-bit format credential.

  • <Card Type="CIV" Bits="128"/>

    Generates 128-bit GUID from a PIV-I or CIV credential.

IMPORTANT: PIV formats are mutually exclusive. You cannot use both 75-bit and 200-bit formats for the USB reader at the same time because the GSA 75-bit format is calculated from PIV 200-bit FASC-N. However, you can use PIV and CIV together, since CIV does not use FASC-N.

Configuration for MIFARE and MIFARE DESFire credentials with OMNIKEY 5427 readers

To read the CSN from MIFARE, MIFARE DESFire, or other supported credentials with an OMNIKEY 5427 reader, the OmnikeyReadersConfiguration.gconfig file must contain specific lines of code.

OMNIKEY 5427 readers have a built-in web-based management tool. For more information, see the OMNIKEY 5427 documentation.

The configuration file must contain the following lines of code:
<?xml version="1.0" encoding="utf-8" ?>

<Readers>

  <Reader ModelFamily="[Reader name from HID OMNIKEY Workbench]" ReadSerialNumber="True" />

</Readers>

Troubleshooting: Driver fails to install for HID OMNIKEY USB readers

If each time you try to enroll a credential using an HID OMNIKEY USB reader, you see an error message from Windows indicating that the driver failed to install, there are some troubleshooting steps you can use to resolve the issue.

Before you begin

  • Disconnect the OMNIKEY reader from your workstation.
  • Close Security Desk and Config Tool.

What you should know

This issue typically occurs because Windows cannot find the appropriate driver for the reader. Because Windows will try to load the default USB driver, the reader can appear to work properly until you observe some undesirable behavior. To avoid such behavior, it is recommended to install the driver that is specific to the type of reader provided by the manufacturer.

Procedure

  1. Make sure that your OMNIKEY reader is compatible with Security Center and is configured properly.
  2. Install the driver, according to the instructions provided in the OMNIKEY reader documentation.
    You can search for the documentation on the HID website at http://www.hidglobal.com/documents.
  3. When installation is complete, ensure that the reader is enabled:
    1. From the Security Desk home page, click Options > External devices.
    2. Turn on the Omnikey USB reader option.
    3. Click Save.
    4. Restart your application.
  4. Try to enroll a credential again.

Results

The error message should not be displayed anymore.