Configuring FIM CM for Temporary Smart Cards
Applies To: Forefront Identity Manager Certificate Management
You can use FIM CM to issue and retire temporary smart cards. Typically, you issue a temporary smart card to replace a lost or misplaced smart card or to provide temporary network access to a user who has no existing certificate, such as a contractor or consultant. When a user no longer needs a temporary smart card, you can retire the smart card.To retire temporary smart cards when they have at least one expired certificate on them, you must ensure that FIM CM is running.
The workflow used by the temporary smart card retire function is controlled by the profile template settings that you configured when you issued the smart card. Therefore, to automatically retire temporary smart cards and revoke all certificates on those smart cards, you must configure the temporary smart card policy to not require additional approvals. You do this by setting the Number of approvals in the General Workflow Options to 0.