Installation Microsoft Windows

What will be installed?

Files

The application will be installed in the standard location for applications using the product name as the folder name. The following files will be added on all Windows operating systems:

%PROGRAMFILES%\Net iD\iid.dll

Contains core functionality

%PROGRAMFILES%\Net iD\iid.exe

Loads core library

%PROGRAMFILES%\Net iD\iidcsp.dll

CryptoAPI CSP library

%PROGRAMFILES%\Net iD\iidp11.dll

PKCS#11 library

%PROGRAMFILES%\Net iD\iidplg.dll

ActiveX and Mozilla Firefox plugin library

%PROGRAMFILES%\Net iD\iidxadm.exe

Loads administration utility

%PROGRAMFILES%\Net iD\iidxcmt.exe

Configuration commit application

Mozilla Firefox browsers will get a copy of the plugin library installed in the appropriate plugin folder (with the name npiidplg.dll).

The following files are optional and may be added, depending on package:

%PROGRAMFILES%\Net iD\iid.cfg

Global configuration if Registry settings not used

%PROGRAMFILES%\Net iD\iidxcp.dll

Credential Provider

%PROGRAMFILES%\Net iD\iidxcse.dll

GPO Client Side Extension

%PROGRAMFILES%\Net iD\iidxmd.dll

Minidriver library, complete with PKCS#11 library

%PROGRAMFILES%\Net iD\iidxmifare.dll

Mifare library

%PROGRAMFILES%\Net iD\iidxsc.dll

Minidriver library, will require PKCS#11 library

%PROGRAMFILES%\Net iD\iidxsso.dll

Single-Sign-On library

%PROGRAMFILES%\Net iD\iidxtrace.dll

Trace service library

%PROGRAMFILES%\Net iD\iidxwatch.exe

Watch application

%PROGRAMFILES%\Net iD\iidxweb.exe

Web application

The installation package may also include several images (bmp and ico files are supported) that are loaded by either the password dialog or the credential provider dialog, depending on package:

%PROGRAMFILES%\Net iD\iidx<name>.<image file extension>

Image for password or credential provider dialog. By default only iidxcp.ico will be included.

User-specific data is stored in the standard Windows location for application data, using the product short name as the folder name:

%APPDATA%\iid\iid.cfg

Local configuration

%APPDATA%\iid\tokens\<name>.tkn

Soft tokens
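The file lists above can serve as a baseline for reviewing what actually sits in the install folder, for example to spot a library that is not part of any package. The following is an added example, not part of the Net iD product or its documentation; the function names and the sample listing are hypothetical.

```python
import re
from pathlib import Path

# File names taken from the lists above; Windows file names are case-insensitive.
CORE = {"iid.dll", "iid.exe", "iidcsp.dll", "iidp11.dll", "iidplg.dll",
        "iidxadm.exe", "iidxcmt.exe"}
OPTIONAL = {"iid.cfg", "iidxcp.dll", "iidxcse.dll", "iidxmd.dll",
            "iidxmifare.dll", "iidxsc.dll", "iidxsso.dll", "iidxtrace.dll",
            "iidxwatch.exe", "iidxweb.exe"}
# iidx<name>.<image file extension>; only bmp and ico files are supported.
IMAGE = re.compile(r"iidx[^.\\/]+\.(bmp|ico)")


def audit_file_names(names):
    """Classify file names found in the install folder against the baseline."""
    seen = {n.lower() for n in names}
    other = seen - CORE - OPTIONAL
    return {
        "missing_core": sorted(CORE - seen),
        "optional_present": sorted(OPTIONAL & seen),
        "images": sorted(n for n in other if IMAGE.fullmatch(n)),
        "unexpected": sorted(n for n in other if not IMAGE.fullmatch(n)),
    }


def audit_install_dir(folder):
    """Audit a real folder, e.g. Path(os.environ["PROGRAMFILES"]) / "Net iD"."""
    return audit_file_names(p.name for p in Path(folder).iterdir() if p.is_file())


# Constructed sample listing (not taken from a real installation).
SAMPLE = ["iid.dll", "IID.EXE", "iidcsp.dll", "iidp11.dll", "iidplg.dll",
          "iidxadm.exe", "iidxcp.dll", "iidxcp.ico", "unknown.dll"]

if __name__ == "__main__":
    for label, items in audit_file_names(SAMPLE).items():
        print(f"{label}: {items}")
```

Anything reported under `unexpected` is a file the documented packages do not account for and is worth checking against the package that was deployed.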

Registry

Several new keys and values will be added to the Windows registry. They register Net iD as an ActiveX component, all supported cards, Net iD as a CSP, and the uninstall specifications.

[HKEY_CLASSES_ROOT\CLSID\{5BF56AD2-E297-416E-BC49-00B327C4426E}]

Registry key for the Net iD plugin class.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\Net iD – <CARD NAME>]

Registry keys of supported smartcards for CSP.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Net iD - CSP]

Registry key for Cryptographic Service Provider.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iid]

Registry key for uninstall parameters for the application.

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Net iD]

Registry key for the context menu in Microsoft Explorer.

One of the following will be added, depending on whether Net iD is running as a service or as a background process.

  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Net iD]

  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] > Net iD

There are also some optional Registry entries which will be added depending on package:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{01C81C98-0787-42AF-B2EE-9B60A616C125}]

Registry key for GPO Client Side Extension.

[HKEY_CLASSES_ROOT\CLSID\{5BF56AD2-E297-416E-BC49-00B327C44270}]

Registry key for Credential Provider.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Calais\SmartCards\Net iD – # <CARD NAME>]

Registry keys of supported smartcards for minidriver.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{5BF56AD2-E297-416E-BC49-00B327C44270}]

Registry key for Credential Provider.

Using Watch will add a startup entry, depending on whether it is running as a service or as a background process.

  • [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Net iD Watch]

  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] > Net iD Watch

By default, the configuration is stored in the Registry. The location is configurable, and the configured location is stored in the Registry uninstall key mentioned above. The default configuration location when using the Registry is:

  • [HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise]

What will be uninstalled?

All files and registry settings added during installation will be removed during uninstall, with one single exception: existing soft tokens will NOT be removed. This is to avoid problems with users removing their soft tokens by mistake.

Package naming conventions on Windows platforms

Net iD Enterprise packages follow a set of naming conventions for easy identification of a specific package.

All packages start with the prefix iidsetup_ followed by two or three letters identifying the customer. The name ends with four digits describing the package contents.

First digit

The first digit tells if it is a package intended for clients or servers:

1

Package intended for clients.

2

Package intended for servers.

Second digit

The second digit gives information regarding which components are included in the package. The combinations are as follows:

0

No extra components included.

1

The "Single Sign-on" (SSO) component is included (PIN-caching).

2

The "Logon"-component is included, i.e. a Credential Provider is installed.

3

Both 1 and 2 described above are included (SSO and Logon).

4

The Net iD Minidriver for usage with "Microsoft Smart Card Base CSP" is included.

5

Both 1 and 4 described above are included (SSO and Minidriver).

6

Both 2 and 4 described above are included (Logon and Minidriver).

7

All of 1, 2 and 4 described above are included (SSO, Logon and Minidriver).

8

Unused.

9

Special packages.

Here are two examples, one "clean" package and one with SSO:

Third digit

The third digit is used to separate packages with the same components but with different configuration. For example, 1901 and 1911: 1901 could be intended for standard in-house desktops and 1911 for laptops with some kind of preparation for a specific VPN client.

Fourth digit

The fourth digit is used as a package counter, for instance if the first build was updated with a new link or a new logotype.
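The naming convention can be decoded mechanically, which helps when reviewing a deployment to see whether a package adds a Credential Provider or the Minidriver. The following is an added example, not part of the Net iD product or its documentation: the function and class names are hypothetical, the sample names are constructed, and the optional "_" before the digits and the optional file extension are assumptions, since the text does not show a complete package name.

```python
import re
from dataclasses import dataclass

# Assumption: an optional "_" may separate the customer letters from the digits
# and a file extension may follow; the text does not show a complete name.
NAME = re.compile(
    r"iidsetup_([a-z]{2,3})_?([0-9])([0-9])([0-9])([0-9])(?:\.\w+)?", re.I)
TARGETS = {1: "client", 2: "server"}
# Second digit 0-7 is the sum of these component values (see the list above).
COMPONENTS = {1: "SSO", 2: "Logon", 4: "Minidriver"}


@dataclass
class Package:
    customer: str
    target: str        # "client" or "server" (first digit)
    components: list   # decoded from the second digit
    special: bool      # second digit 9
    variant: int       # third digit: configuration variant
    counter: int       # fourth digit: package counter


def parse_package_name(name):
    m = NAME.fullmatch(name.strip())
    if not m:
        raise ValueError(f"not a Net iD package name: {name!r}")
    first, second, third, fourth = (int(d) for d in m.groups()[1:])
    if first not in TARGETS:
        raise ValueError(f"first digit {first} is neither client (1) nor server (2)")
    if second == 8:
        raise ValueError("second digit 8 is unused")
    special = second == 9
    comps = [] if special else [n for bit, n in COMPONENTS.items() if second & bit]
    return Package(m.group(1).lower(), TARGETS[first], comps, special, third, fourth)


if __name__ == "__main__":
    # Constructed sample names, not real customer packages.
    for sample in ("iidsetup_abc_1301.exe", "iidsetup_xy2700", "iidsetup_abc_1911"):
        print(sample, "->", parse_package_name(sample))
```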