Optional: Configuring Kiosk Mode
Applies To: Forefront Identity Manager Certificate Management
For FIM CM to work properly on kiosks, you must perform some manual configuration.
To Enable Kiosk Mode
Enable Anonymous Authentication for the CertificateManagement virtual directory in IIS.
Ensure the Anonymous IIS user account has the FIM CM Enroll extended permission on the relevant profile templates for temporary smart card enrollment.
Edit the Web.config file by adding the following values. The default location for the Web.config file is ...\< Program> Files\Microsoft Forefront Identity Manager\2010\Certificate Management\web\web.config.
<location path="scripts/microsoft"><system.web> <identity impersonate="true"/> <authorization> <allow users="*"/> </authorization> </system.web></location><location path="infragistics"> <system.web> <identity impersonate="true"/> <authorization> <allow users="*"/> </authorization> </system.web></location><location path="content/common/help"> <system.web> <identity impersonate="true"/> <authorization> <allow users="*"/> </authorization> </system.web></location>
Previous topic
Allow the CA to Access the FIM CM Database