A newer version of this documentation is available.

View Latest

Service Mover

[Service Mover]
:ModeStore=0x09
ModeReadCertificate={component-csp}|{TS+LOGONUI}||{component-csp};{component-ksp}|*
ModeTokenEvent=0x01|{TS+LOGONUI}||0x02|*
PauseSessionEvent=SessionLock,RemoteDisconnect;SessionUnlock,RemoteConnect|{TS}||0|*
:UpdatePoll=999

ModeStore

The ModeStore parameter sets how certificates are registered to the CryptoAPI MY store. The value is a bitmask with the following options:

#define MODE_STORE_USER                   0x01
#define MODE_STORE_MACHINE                0x02
#define MODE_STORE_KEEP_CERTIFICATE       0x04
#define MODE_STORE_OVERWRITE_CERTIFICATE  0x08
#define MODE_STORE_DISABLE_NON_REP        0x10
#define MODE_STORE_USE_SIMPLE_KEY_SPEC    0x20
#define MODE_STORE_INSTALL_CA_CERTIFICATE 0x40
[Service Mover]
ModeStore=0x09

ModeReadCertificate

The certificates are read. Net iD Client can read using the PKCS#11 interface or by accessing the KSP/CSP directly. The certificate is registered to the CSP or the KSP. Thus, reading using the same interface as when calling applications is better to make sure that everything works without any problem. But both CSP and KSP will continue to read using our PKCS11, so for performance it is better to read from the PKCS#11 interface.

[Service Mover]
ModeReadCertificate={component-csp}|{TS+LOGONUI}||{component-csp};{component-ksp}|*

ModeTokenEvent

Need to detect token events, such as smart card insert or remove, to either register or unregister certificates. This event is also used by the Watch components:

The events can be generated by checking the PKCS#11 library, checking the PC/SC service, or by polling with regular intervals.

#define ACCESS_EVENT_NONE 0x0001
#define ACCESS_EVENT_PKCS11 0x0002
#define ACCESS_EVENT_PCSC 0x0003
#define ACCESS_EVENT_POLL 0x0004

[Service Mover]
ModeTokenEvent=0x01|{TS+LOGONUI}||0x02|*

PauseSessionEvent

The PauseSessionEvent parameter controls pause detect token status events when Windows session is inactive. Windows session inactive state is default considered between session event SessionLock and SessionUnlock is received. Another option could be session event RemoteDisconnect and RemoteConnect.

Values

0

Will not pause

1

Pause on SessionLock and continue on SessionUnlock

<pause-event>,<pause-event>;<continue-event>,<continue-event>

Custom event for pause/continue

[Service Mover]
PauseSessionEvent=SessionLock,RemoteDisconnect;SessionUnlock,RemoteConnect|{TS}||0|*

UpdatePoll

The UpdatePoll parameter tells the number of milliseconds between updates, when token events are polling with regular intervals.

[Service Mover]
UpdatePoll=999