detailed log of system events.
0 If you click the radio button to disable this setting, CAC Manager will use the default value of Level 2, the simplest log of system events.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Litronic\CAC\debuglevel
System Logging Level Setting (cont.)
System Logging Trace Directory
Purpose: To specify where system logging information will be stored.
Value Meaning
Default If you do not configure this setting, CAC Manager will save system logging information in My Documents.
1
If you enable this setting, and enter another directory name such as Desktop, Local Application, or Application in the Enable System Logging Trace Directory Properties text box, CAC Manager will save system logs to that directory.
0 If you disable this setting, CAC Manager will save the system log to My Documents.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Litronic\CAC\systemtracedir
box, CAC Manager will set the polling frequency to that amount of time.
0 If you disable this setting, CAC Manager will set the value to 50 tenths of a second.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Litronic\CAC\TenthsofSecs
Trace Logging File (TLF) Name
Purpose: To specify the name of the trace log file.
Value Meaning
Default If you do not configure this setting, CAC Manager will set the name of the trace log file to LitronicCAClog.txt.
1 If you enable this setting, and enter a different .TXT file name in the text box, CAC Manager will use that name for the trace log file.
0 If you disable this setting, CAC Manager will set the file name as LitronicCAClog.txt.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Litronic\CAC\traceLogFilename
Update URL
Purpose: To set the address from which software patches, updates for new cards, and upgrades will be downloaded.
Value Meaning
Default
If you do not configure this setting, the update URL will be
http://updates.litronic.com/v/cac/checkversion where “cac” or “CAC”
represents the name of the product—CACMD, CACPIVMD, or PIVMD.
1 If you enable this setting, and enter a different URL in the Enable Update URL Properties text box, CAC Manager will use that URL for updates.
0 If you disable this setting, CAC Manager will use the default URL for updates.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Litronic\CAC\updateURL
Update the AltSecurity Identities During Publish to GAL
Purpose: To determine whether the AltSecurity Identities in Active Directory are updated with Issuer and Subject Distinguished information from the user’s identity certificate when certificates are published to the GAL.
Value Meaning
Default=0 If you do not configure this setting, CAC Manager will not automatically update the AltSecurity Identities during Publish to GAL.
1 If you enable this setting, CAC Manager will update the AltSecurity Identities during Publish to GAL.
0 If you disable this setting, CAC Manager will not automatically update the AltSecurity Identities during Publish to GAL.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\Litronic\CAC\updateAltSecurityIdentities
Default=1 If you do not configure this setting, CAC Manager will enable Card Authentication Management services.
1 If you enable this setting, CAC Manager will provide Card Authentication Management (CAM) services.
0 If you disable this setting, CAC Manager will not provide Card Authentication Management (CAM) services.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Policies\PIN\Authentication\
CAMAllow
Card Authentication Management (CAM) Time Out Setting
Purpose: To specify how long Card Authentication Management (CAM) will keep the PIN cached, thereby preventing the PIN dialog box from appearing.
Value Meaning
Default=15 If you do not configure this setting, CAC Manager will use the default value of 15 minutes.
1
If you enable this setting, the number of minutes that Card Authentication Management (CAM) will cache the PIN can be set in the Enable Card Authentication Management Time Out Setting Properties text box.
0 If you disable this setting, CAC Manager will cache the PIN for the default of 15 minutes.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Policies\PIN\Authentication\
CAMTimeout
Certificate Auto Registration
Purpose: To specify whether CAC Manager will automatically register CAC certificates.
Value Meaning
Default=1 If you do not configure this setting, CAC Manager will automatically register CAC certificates.
1 If you enable this setting, CAC Manager will automatically register CAC certificates.
0 If you disable this setting, CAC Manager will not automatically register CAC certificates.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Cryptography\Certificate Registration\CertAutoRegistration
Certificate Removal on Card Removal
Purpose: To specify whether CAC Manager will automatically unregister (remove) CAC certificates upon card removal.
Value Meaning
Default=0
If you do not configure this setting, CAC Manager will reflect either the last value entered, if one has been entered, or if no value has been entered, it will not remove certificates automatically when a card is removed.
1 If you enable this setting, CAC Manager will automatically remove certificates when a card is removed.
0 If you disable this setting, CAC Manager will not automatically remove certificates when a card is removed.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Cryptography\Certificate Registration\CertRemovalOnCardRemoval
0 If you disable this setting, CAC Manager will not remove the CAC certificates automatically on logoff.
Registry Key HKEY_LOCAL_MACHINE\SOFTWARE\GSC\Cryptography\Certificate Registration\CertRemovalOnLogoff
3.5 Permanent Settings
3.5.1 Make Certificates Available to Windows
Automatically make certificates available to Windows applications To enable users to move easily among Outlook, Internet Explorer, and other Windows applications, Automatically make certificates available to Windows applications is permanently enabled in CAC Manager. (It is also permanent because Windows automatically propagates certificates, even when the CAC middleware does not.)
For this reason, Automatically make certificates available to Windows
applications does not appear under Litronic CAC Settings in the Group Policy Object Editor or on the Settings tab in the user interface.
3.5.2 Enable Online Verification of Certificates
Enable Online Verification of Certificates
Starting with CACPIV Manager Build 14, CAC Manager will automatically verify certificates online against a revocation server. For builds prior to Build 14, this setting is configurable.