# Hideez Enterprise Server setup for passwordless login Once you have created the appropriate template in the certification authority, you need to get the following settings: 1. Cryptographic Service Provider Name 2. Certificate Config 3. Certificate Template ID ### 1. The first parameter (Cryptographic Service Provider Name) must be set to: ``` Microsoft Base Smart Card Crypto Provider ``` ### 2. The second parameter (Certificate Config) is the name of the domain controller and the name of the certification authority: The following command will help define these names. Run it from the **command line:** ``` certutil -config - -ping ``` Then you should get such window:

Separated "**CA**" and **"Computer"** by an "\\" in the settings on the Hideez Server. ### 3. To define the third parameter (Certificate Template ID), go to the domain controller, and do the following: * Open MMC and add the **Certificate Templates snap-in** (File > Add/Remove Snap-ins > Certificate Templates) * Right-click the created certificate template * Open **Properties** * Open **Extensions** tab * Select “**Certificate Template Information**” The ID will be visible in the description below after "**Object identifier**":

The received parameters need to be entered to the HES settings. To do this, go to * **Settings → Parameters → Active Directory→ Workstation passwordless logon settings**

Add the "[On-premises Active Directory domain](https://enterprise.hideez.com/hideez-enterprise-server/administration/setting-hes-server-parameters#domain)", and then edit the **Workstation passwordless logon settings:**

Enter and save the settings you received before.