You configure the settings of the Mobile Credential Manager role from the Roles view of System task in Security Center Config Tool.
Mobile Credential Manager - Configuration tab
Click the Configuration tab to configure the general settings of the
Mobile Credential Manager, and create and configure mobile credential profiles.
- General settings
-
- Quick mobile credential refresh interval (minutes)
- How often the information for credentials that were recently updated in Security Center is polled from the provider to be displayed in Security Center.
- Normal mobile credential refresh interval (minutes)
- How often the information for credentials that were not recently updated in Security Center is polled from the mobile credential provider to be displayed in Security Center.
- Automatically revoke mobile credential on deletion
- Turn this option on if you want mobile credentials to be revoked on the mobile credential provider side when you delete them from Security Center.
- Mobile credential profiles
- Lists the mobile credential profiles you configured. You can use the buttons to add,
delete, or modify them.
Mobile Credential Manager - Credentials tab
Click the Credentials tab to view the status of your mobile
credential subscriptions and configure the mobile credentials in your system.
- Subscriptions
- Displays the Organization ID, Client
ID, and Remaining license count for each mobile
credential subscription. A mobile credential is removed from the license count when an
invitation is sent. NOTE: An icon at the top of each subscription indicates the status of the subscription.
- Credentials
- Lists the following information about each mobile credential in your system. You can
use the search box or click to filter the list.
- Cardholder
- The cardholder to which the mobile credential is assigned.
- Credential
- The name of the mobile credential.
- Card number
- The card number assigned to the mobile credential by the mobile credential provider.
- Facility code
- The facility code of the mobile credential.
- Mobile credential status
- The status of the mobile credential.
- Invitation status
- The status of the invitation from the mobile credential provider.
- Email address
- The email address of the cardholder to which the mobile credential is assigned.
- Provider
- The mobile credential provider.
You can use the buttons at the bottom of the credentials list to do the following:
- Add an item ()
- Create a mobile credential.
- Remove the item ()
- Delete a mobile credential from Security Center.NOTE: The mobile credential is also revoked if the Automatically revoke mobile credential on deletion option is on.
- Invitation
- Resend or cancel an email invitation from the mobile credential provider to the cardholder.
- Refresh ()
- Refresh the credential list to display the latest information available to the Mobile Credential Manager role.
- Synchronize ()
- Get the latest credential information from the mobile credential providers.
Mobile Credential Manager - Resources tab
Click the
Resources tab to configure the servers and database assigned to
this role.
- Servers
- Servers hosting this role. All must have access to the role database.
- Database status
- Current status of the database.
- Database server
- Name of the SQL Server service. The value
(local)\SQLEXPRESS
corresponds to Microsoft SQL Server Express Edition installed by default with Security Center Server. - Database
- Name of the database instance.
- Actions
-
You can perform the following functions on the role
database:
- Create a database ()
- Create a new database with the option to overwrite the existing one.
- Delete the database ()
- Delete the database.
- Database info ()
- Show the database information.
- Notifications ()
- Set up notifications for when the database space is running low.
- Backup/Restore ()
- Back up or restore the database.
- Authentication
- Specifies which SQL Server authentication is to be used:
- Windows
- (Default) Use Windows authentication when the role server and the database server are on the same domain.
- SQL Server
- Use SQL Server authentication when the role server and the database server are not on the same domain. You must specify a username and password in this case.
- Database security
- Security options for communication between the role and its database server.
- Encrypt connections
- (Default) Uses Transport Layer Security (TLS) protocol for all transactions between the role and the database server. This option prevents eavesdropping and requires no setup on your part.
- Validate certificate
- Authenticates the database server before opening a connection. This is the most
secure communication method and prevents man-in-the-middle attacks. The
Encrypt connections option must first be enabled.NOTE: You must deploy a valid identity certificate on the database server. A valid certificate is signed by a certificate authority (CA) that is trusted by all servers hosting the role and that is not expired.