04.06.2020

How To Set Up A Cac Reader For Mac

Enterprise Webmail link:
  1. How To Set Up A Cac Card Reader
  2. How To Set Up A Cac Reader On Windows 10
  3. How To Use Cac On Mac

NOTICE: Window 8.1, 8, and 7 users with Internet Explorer 11 need to add 'mail.mil' [or any other websites that are not working] to their 'Compatibility View Settings' by following slide 19 in this guide. You might also have to reinstall the S/MIME control.

In the Under Secretary of the Army memorandum regarding Enterprise Email, the @mail.mil email address is now the default email address on all new CACs issued as of 6 January 2014.

Created a 'retiring' page dedicated to providing information for people getting ready to retire. I want to make sure people understand they will no longer have access to their Enterprise Email and AKO.

Army CIO/G6 Blog titled: Army Nears Completion of Migration to Defense Enterprise Email (hear what others are saying about EEmail.

All Army AKO users who have a CAC should now be migrated to DISA's Enterprise Email and will no longer be able to access email via username / password. DISA mail uses Microsoft Exchange 2010 and requires 100% CAC use via the https://web.mail.mil Outlook Web Appsite.

For a list of all IOGEAR TAA compliant products click here. The following IOGEAR products are already listed on the GSA Schedule: GSR202 USB Smart Card Reader: GSA APL #579 GSR203 Portable Smart Card Reader: GSA APL #693 GKBSR201 Keyboard w/Built-in Common Access Card Reader: GSA APL #612. For a list of all IOGEAR TAA compliant products click here. Make sure you have Firefox set up correctly to use your CAC first. The items mentioned above about ActivClient and Java still must match your Windows Operating system (32 bit) to work. **-NOTE: 32 bit Windows users can also use Google Chrome. How to set up CAC reader on personal computer? Windows 8 and 8. Windows 10 information is on this page. Created retiring page dedicated to providing information for people getting ready to retire or separate from the Army. MilitaryCAC's Mac OS X Installation Steps Page. Cac We are hearing Mac users having problems with the SCR reader. If you computer fails to recognize the CAC reader work, you may need to try a different computer to do the update. Work your SCR reader can be used home Windows 10, 8.

Dual Persona users need to EXPOSE your PIV, or you will have problems accessing your Enterprise Email account(s).

Accessing https://web.mail.mil requires the steps below and an email account already created

Windows Installation Steps
Step 1: Obtain a CAC Reader
Step 2:CAC Reader driver Video
Step 3:DoD Certificates Video
Step 4:ActivClient Video
Step 4a:Update ActivClient
Step 5:IE adjustmentsVideo
Step 6:Select the EMAIL certificate when prompted (Except for Dual Persona personnel), you have to select your PIV certificate instead.
Example:

How To Set Up A Cac Card Reader


Mac Users - Some of the information below will not work for you. Start here for your specific requirements.

Problem 1:How can I check my DoD Enterprise Email other thanOWA when I'm not in the office?

INFORMATION: The DoD Enterprise Email does NOT have the ability to be accessed using Outlook or other email program on a computer that is not on the .mil or .gov network. This means, it cannot be set it up on a personal computer using Outlook like we used to do with AKO and Mail.mil's predecessor, Advanced Technologies Email.

Solution 1-1: Yes, you can forward it to another .mil or .gov email address. (For all mail.mil users)

Solution 1-2: Yes, use your government owned BlackBerry (Only for Business Class users)

Solution 1-2a: Yes, use your government owned iPhone / iPad (Only for Business Class users)

Solution 1-3: Yes, bring your government computer with you and use VPN (For all mail.mil users, normally only business class users)

Solution 1-4: If your organization uses Citrix, you may be able to use it to login with your CAC enabled home computer and access your Outlook via the Citrix client. (Only for Business Class users)

Solution 1-5: You can check your email via an iPhone or iPad using OWA or Android. The ability to digitally encrypt is not possible as Microsoft has this capability locked into Internet Explorer (32 bit) with S/MIME installed. (For all mail.mil users)

Problem 2: Youreceive the following error message when attempting to access https://web.mail.mil

Solution 2:You don't have Enterprise Email account yet. Check back with your organization to find out the approximate date it will be created.

Problem 3:Your Email has transitioned to Enterprise Email and your information is incorrect in the Global Address List (GAL).

Solution 3-1: Picture guide created for US Army Reserve Soldiers, but will work for everyone

Solution 3-1a:Picture guide created by Department of the Army

Solution 3-2: To update your profile, visit the Defense Manpower Data Center (DMDC) MILConnect page (https://www.dmdc.osd.mil/milconnect).

Click Sign In (Red button) (on the Right side of the screen)

Select OK

Select the CAC (tab), then Login

Select either one of your two CAC certificates, OK, Enter your PIN, OK

Click the My Profile (tab)->Select Update and View My Profile.

There are two sub tabs located approximately 3/4' below the My Profile tab: (IF you don't see the sub tabs look here for a solution, problem 20)

-Personal Information (tab) -> Update snail mail address, email addresses, and phone numbers for you and your family.

The following tab usually has a dark gray color as the background with white letters.

-MIL / CIV / CTR (tab) (based on your duty type)-> Update your unit of assignment and address.

NOTE: The field titled: Duty Installation/Location is the field that finds the nearest DISA DECC (Defense Enterprise Computing Center) to your duty station.

NOTE2: All personnel associated with the Army Reserve are required to select: US Army Reserve Center

Changes should take 4 - 48 hours to show up in the DISA GAL.

If you have a SIPRNet E-mail address, please add it to the MIL / CIV / CTR (tab) as this is how your SIPR Enterprise Email GAL entry will be updated.

Solution 3-3: If your rank is wrong in the GAL (examples: 1SG vs. MSG, SPC vs. CPL vs. SP4, or SGM vs. CSM), you have to visit an ID card office to get it corrected.

Problem 4:Receive 'HTTP/1.1 503 Service Unavailable' when attempting to access your email via OWA.

Information: This is caused when the Exchange server is down, or having problems.

Solution 4:Try accessing your email at a later time

Problem 5:How do I add my PIV cert to my CAC, so, I can access my email? DISA has classified me as a 'Dual Persona' individual. (Dual Persona is an Army Reserve [or Guard] Soldier who is [or has ever been a DoD civilian (or contractor)] theoretically you were authorized to carry two CACs at some time in your life). This may be a reason why you cannot access your webmail

.

Solution 5-1 Windows 7, Vista, & XP users with ActivClient 6.2.0.x & Java: Read note below FIRST, Go to: https://www.dmdc.osd.mil/self_service or https://dmdc.osd.mil/self_service, some people have now had to login to MilConnect at: https://www.dmdc.mil/milconnect, and click the RAPIDS Self Service link on the right side of the screen, then follow this guide:https://www.dmdc.osd.mil/self_service/help/CAC_-_Activating_a_PIV_Authentication_Certificate.htmVideo

Note: Some of the screens may look different, since DMDC has modified their webpage and not updated their guide.

NOTE: If you have problems while on the RAPIDS Self Service website, contact their help desk.

Some items NOT mentioned in the guide above:

--You cannot have the same email address on both CACs. This is becoming less of a problem since @mail.mil is the only authorized email on our CACs now since January 2014. So, you may need to change one of your CACs. See error message below. Here's how to change your email address on your CAC. You can also add an email address to your CAC if you don't have one on your CAC.

--Your system needs to be all 32 bit or all 64 bit, which means the following:

64 bit Windows 7, Vista or XP (will NOT work with Windows 7, 8, 8.1built in Smart Card utility)

64 bit Internet Explorer (Start, All Programs, Internet Explorer (64-bit))

NOTE: Windows 8 / 8.1 users look below to do another browser tweak first

64 bit ActivClient 6.2.0.x with latest update (Windows 7 and below)

64 bit ActivClient 7.0.2.x with latest update (Windows 8 / 8.1 users)

64 bit Java (make sure you are accessing this site from your 64 bit IE web browser)

NOTE: You have to change a Java security setting, Go to Java (in Control Panel), Click Security (tab), move the arrow bar down to Medium.

32 bit Windows 7, Vista or XP (will NOT work with Windows 7, 8, 8.1built in Smart Card utility)

32 bit ActivClient 6.2.0.x with latest update (Windows 7 and below)

32 bit ActivClient 7.0.2.x with latest update (Windows 8 / 8.1)
32 bit Internet Explorer (Start, All Programs, Internet Explorer)

32 bit Java (make sure you are accessing this site from your 32 bit IE web browser)

NOTE: You have to change a Java security setting, Go to Java (in Control Panel), Click Security (tab), move the arrow bar down to Medium.

32 bit Windows users: People have been successful using Firefox to activate their PIV cert on a 32 bit Windows computer (XP, Vista, and 7). Make sure you have Firefox set up correctly to use your CAC first. The items mentioned above about ActivClient and Java still must match your Windows Operating system (32 bit) to work.

**-NOTE: 32 bit Windows users can also use Google Chrome.

64 bit Windows users: People have been successful using Waterfox to activate their PIV cert on a 64 bit Windows computer (Vista and 7). Make sure you have Waterfox set up correctly to use your CAC first. The items mentioned above about ActivClient and Java still must match your Windows Operating system (64 bit) to work.

Once your PIV is activated, click Forget State for All Cards (twice), then Make Certificates available to Windows. Here's how: Double click ActivClient (icon down by your clock in the lower right corner of your computer screen), Click Tools, Advanced, Forget State for all cards (ActivClient 6.2.0.x) OR Reset Optimization Cache (ActivClient 7.0.x.x). Once you've done this, click on Make Certificates available to Windows (ActivClient 6.2.0.x)OR remove, then reinsert CAC (ActivClient 7.0.x.x) or (ActivClient 6.2.0.x).You 'should' see 4 certificates. If not, repeat the Forget State for all cards again, and Make Certificates available to Windows again.

5-1a Windows 8 / 8.1 users: To activate your PIV using Windows 8 / 8.1 you will have to select Enable 64-bit processes for Enhanced Protected Mode to run IE in 64 bit mode. More information can be read here.. This has worked for others, but if you have issues yourself, find a Windows 7, Vista, or XP computer and follow Solution 5-1 above.

Non-Solution 5-1b Mac Users: I have found no way for you to activate your PIV using a Mac. The recommended method is to find a Windows 7, Vista, or XP computer and follow Solution 5-1 above.

Solution 5-2:DMDCs Self Service website is working better now than it did originally for activating users PIV authentication certificate. This affects every person who has the dual persona roles. You can configure ActivClient to expose your PIV cert on your computer (Windows 7, Vista, or XP with ActivClient 6.2.0.x installed). This will have to be done on every computer you need to access your mail.mil email on. This solution negates the issue with DMDCs Self Service website to expose your certificate.

.

Here's how to expose your PIV cert via ActivClient using Windows 7, Vista, or XP (if you use WAWF, DO NOT do this, you must activate your PIV above): ActivClient 6.2.0.x users need to update it to the latest version. [You can ignore the need for restart here] After you have installed the latest update, open ActivClient, Click Tools, Advanced, Configuration (requires elevated access on Government systems), scroll down [and click on] Smart Card, click line titled: Prefer GSC-IS over PIV EndPoint.. change the Yes to a No. You will be prompted to restart the computer. After the restart every time you go to https://web.mail.mil, you'll have to select the certificate that says PIV, (NOT the Email certificate).Government computer users will need to make sure they select the 10 digit certificate to login to the computer, and 16 digit to check your email. If you select the 16 digit during login, you will get either DoD visitor, or Credentials cannot be verified error message.

--ActivClient 7.0.2.x users need to update to the latest version, then modify the following registry key for this option: HKEY_LOCAL_MACHINE SOFTWARE ActivIdentity ActivClient Card Discover CardEdge DefaultCardEdge =1

-- ActivClient update version of 7.0.2.308 (and above) show your PIV automatically.

--Another person had to modify this registry key instead: HKEY_LOCAL_MACHINE SOFTWARE ActivIdentity SecurityModuleMW DiscoveryProvider CardEdge PIVIgnoredExtensions Value 1 (Right click modify (change to 0 from 1)) See image

WAWF (Wide Area Work Flow) users, please take note: Recently the Wide Area Workflow website updated and moved to CAC / certificate only logon. If a Dual-Persona user has the ActivClient setting changed, the WAWF website will not correctly read their DoD x.509 certificate (They will receive a 'No Certificates Found!' message).
If you are a Dual Persona and need to access both Enterprise Email and WAWF, you MUST undo the ActivClient setting (change back to YES) and activate your PIV certificate via the RAPIDS Self Service website. After that, the WAWF website will correctly read you certificates and allow you to register your CAC.

Problem 6:Problems with mail.mil when using 64 bit AGM and 32 bit Office 2007

Solution 6:Follow guidance in this PDF.

Problem 7:I Can't view Encrypted emails in OWA / web.mail.mil

Solution 7-1: Make sure you have the S/MIME control installed.

NOTE: This is only available when using Internet Explorer (32 bit). It will NOT work with the 64 bit version, on a Mac, or any other web browser.

NOTE2: Internet Explorer 10 & 11 run in 32 bit mode by default, so, this should not be an issue. You would have to select 'Enable 64-bit processes for Enhanced Protected Mode' to run the browser in 64 bit mode. More information can be read here.

Here's how: Click Options, See All options.., Settings, S/MIME, click on Install the S/MIME control

NOTE3: You will not see S/MIME control in IE 11 until you first add 'mail.miI' [or any other websites that are not working] to your 'Compatibility View Settings' by following slide 21 in this guide.

Solution 7-2: Make sure you have your @mail.mil email address on your CAC. Here's how to change / update your email address on your CAC.

Solution 7-3:Follow this guide which explains how to get your old CAC certificates back. You will need to logon to the server with your current CAC (Non Email certificate).

NOTE: Currently only available via government owned computer on a government network, no access from your home computer which means DISA has locked you out of your own email.

Problem 8:How do I get support for my Enterprise Email account?

Solution 8-1 (when at Home or Work): Contact the Army Enterprise Service Desk at: 866-335-2769)

Solution 8-1a (Army Reserve): Contact the Help desk at: 855-55-USARC, or [from your Army Reserve computer] go to: https://esahelp

Solution 8-2:Contact the Army & NETCOM CAC/PKI Help desk at: 866-738-3222, (DSN: 312-879-8133) or Email: army.cacpki.helpdesk@mail.mil

Problem 9: How do I turn off conversation view inweb.mail.mil?
.

Solution 9: Click View, uncheckUse Conversations. See image below:

Problem 10: Receiving the following error message when trying to use OWA on Windows 7 / 8 / 8.1 (both 32 & 64bit): 'A digital ID that allows you to sign this message is missing.'

Solution 10-1: Add your OWA link to your Trusted Sites (Slide 21 of this guide)

Here's How:Follow question 15 below

Solution 10-2:Install the S/MIME control from the options section in your OWA client (see Solution 7-1 above). If you have problems installing the S/MIME check to make sure that 'Do not save encrypted pages to disk' is unchecked under Tools, Advanced (tab).

NOTE: This will only work with Internet Explorer (32 bit), NOT the 64 bit version (on a Mac, or any other web browser)

Problem 11:How can I find out how much mailbox space I'm using in OWA?

Solution 11:Hover your mouse over your name, a bubble similar to this should pop up and show you.

Problem 11a: I am over my storage limit, and I can't send any email. How can I increase my email storage capacity? AKO used to give me 1024 MB and DISA only gives me 512 MB, what can I do?

Solution 11a: Call 866-335-2769 and ask who your Entitlement Manager is for your branch of service and command. Then email them to ask to be converted to a Business Class account.

Problem 12:Receive message: 'This message can't be decrypted. If you have a smart card-based digital ID, insert the card and try to open the message again' when using OWA

Solution 12:Make sure the email address on your CAC is also in your Exchange profile. NOTE: This is why Army users now have @mail.mil email address on the CAC. You can update your email address by following DMDCs guidance.

Problem 13:I have PCSd to a new installation / location. How do I update my information in the Mail.mil Global Address List? NOTE: when you change your Installation, this will silently move your mail account to a closer DECC to your new duty station. You can see a list of them here.

Solution 13: Look at Solution 3-1 above

Problem 14:How do I configure my DoD Enterprise Email when at my Government computer using Outlook? NOTE: NOT available from home computer, OWA is only option

Solution 14:Follow this guide

Problem 15:You can get to https://web.mail.mil with your CAC and PIN and the IE tab indicates you're an email user. The next screen shows your actual mail server https://web-XXXX.mail.mil/owa however, this link only timeouts. It also times out if you go straight to it.

Solution 15:Add *.mail.mil to your trusted sites

Here's how: Open Internet Explorer, Click Tools, Internet Options, Security (tab), Trusted Sites (green checkmark), Sites (button), type *.mail.mil in the Add this website to the zone: box and hit the Add (button)

Problem 16:I've received notification of my Transfer to Enterprise Email from AKO, how can I save all of my emails from AKO?

Information:Visit this AKO page for the latest information regarding this event. FAQs

Solution 16:Follow NETCOM's TTP on the Manual Exporting of AKO Email Data to Enterprise Email. the file is located on AKO and in Word format.

Problem 17: I'm retiring in the next few months, is there any waiver request I can do to NOT be migrated to mail.mil?

Solution 17: Yes, visit the AKO to Mail.mil transition page https://www.us.army.mil/suite/page/EnterpriseEmailTransition for information on this question to request a waiver.

Problem 18:I do not own a computer, or I use a local library to check my AKO email. I don't have a CAC reader. What can I do?

Solution 18:Visit the AKO to Mail.mil transition page https://www.us.army.mil/suite/page/EnterpriseEmailTransition for information on this question to request a waiver.

Problem 19:I live in Korea (or another foreign country) and am unable to access Mail.mil from my personal computer. What can I do?

Solution 19-1:Try a VPN solution

Solution 19-2: You used to be able to visit this AKO page https://www.us.army.mil/suite/page/EnterpriseEmailTransition for information on this question to request a waiver.

Solution 19-3: Try changing your DNS server IPs and see it this works for you.

Here's How: In Windows, to manually configure the DNS settings for your current Ethernet / Wireless connection, look down by your clock, Right click on your Wireless / Ethernet connection -> Open Network and Sharing Center. Click Change Adapter Settings, Right Click on your active internet connection -> Properties. Under 'This connection uses the following items:' scroll down and click on 'Internet Protocol Version 4 (TCP/IPv4)', then click Properties. Under DNS Servers, select the option for 'Use the following DNS server addresses:'. This is where you manually configure your DNS servers. Google DNS: enter 8.8.8.8 for Preferred DNS, and 8.8.4.4 for Alternate DNS server. Click ok. Then click Close. You can also use Open DNS: enter 208.67.222.222 for Preferred, and 208.67.220.220 for Alternate DNS. Click OK, then click close.

Solution 19-4: Contact the Army Enterprise Service Desk to let them know you are having problems.

Problem 20:You are trying to updateMilConnect [are married to another Soldier] and cannot get your information to show up as you being the Sponsor. It may bring you up as a family member.

Solution 20: On the Sign-in page, click the CAC (tab), select Manage Account, NOT the Logon button. Click Select Sponsor, select your own name from the drop-down menu. Click Save. On the next screen, click the continue to MilConnect website (button). You can now login as yourself and update the MilConnect website.

Problem 21: Now that I'm on DoD Enterprise Email, how do I get all of my email that is currently in AKO account before I lose it?

Solution 21-1: Set up Outlook on your personal computer and set up AKO via IMAP.Create a PST and move the email to the PST.

Ext4 reader for mac os. Solution 21-2: Forward each of them individually to your new mail.mil email address.

Problem 22: I can't access my web.mail.mil email server, is the website down?

Solution 22: Visit: https://status.mail.mil (use your Email or PIV cert) you may be able to find out information about the status of your DECC.

Problem 23: Why am I being prompted for my PIN constantly when using Windows 8 / 8.1 / 7 built in smart card utility, or with ActivClient 7.0.1.x and 7.0.2.x?

Solution 23: Windows 8 / 8.1 / 7 built in smart card utility [and ActivClient 7.0.1.x / 7.0.2.x] do not cache your PIN (like ActivClient 6.2.0.x) does. DISA (Enterprise Email) wants to prompt you constantly for your PIN. The only solution I've found is for you to install CSSi, or Coolkey (However, the Navy OWA will still prompt with Coolkey installed). Find information about these two programs on the Windows 8 support page.

Problem 24: How do I move my contacts from AKO to mail.mil?

Solution 24: Follow this guide to see how to export your contacts into a .csv file, you can only import via Outlook 2007 or 2010. You'll have to be at your Army unit with Outlook configured for mail.mil access.

Non-Solution / Future Information 24: The ability does not exist to import contacts using OWA 2010 (which is what DISA uses for the @mail.mil email access). This option will become available in the future with the rollout of Office 365 / OWA 2013. In OWA 2013, you will find the below link by clicking Options, See All Options.., It will show up in the right side of the screen.

Problem 25: Firefox refuses to cooperate with Mail.mil

Solution 25: Follow installation guidance on Firefox page. I personally followed #1, #2, & #3.

Problem 26: See 'The ActiveX control needs to be enabled in Internet Explorer for Outlook Web App to work correctly. Click here to sign out, enable the ActiveX control, and then sign in to Outlook Web App.'

Solution 26:Follow this guide, specifically slide 20. Unless you've never gone through the guide before, then go through the entire guide.

Problem 27: See: 'Your S/MIME control is out of date.'

Solution 27: Follow Solution 7 above (Since the instructions they give you here are missing a step).

NOTE: This will only work with Internet Explorer (32 bit), NOT the 64 bit version (or on a Mac or any other web browser)

Problem 28: Receive 'Error Code: 500 Internal Server Error. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator.'

Solution 28 (Windows users):Follow this information

Solution 28 (Mac users): Follow these ideas

Problem 29: The 'New' button does not work to create a New email (on Windows 8 / 8.1)

Solution 29: The problem is incompatible Browser Mode and Document Mode. In order for IE10 in Windows 8 (or IE 11 on Windows 8.1) to work with the EE-OWA, the Browser Mode can be any from IE11 (regular or Compatibility Mode) to IE7 and the Document Mode MUST be IE8 Standards or higher (e.g. IE9 Standards). Access that Menu by pressing F12. A small window will open at the bottom of the browser. The options are to the right of the Menu Bar on that small window.

Problem 30: I am receiving the error message: 'No digital ID for signing has been found. If you have a smart card-based digital ID, insert the card and try to send the message again. You can also try sending the message without a digital signature.'

Information: This affects users who have their AKO email address on one or both military and civilian CACs.

How To Set Up A Cac Reader On Windows 10

Solution 30-1: Update / change email address on your CAC(s) to your Enterprise Email address.

Solution 30-2:Visit an ID card office to have them update your email address on your CAC(s) to your DoD Enterprise Email address.

Problem 31: Web.mail.mil / OWA locks up when trying to delete a thread of email with Skype Click to Call (C2C) installed.

NOTE: You may have received an update to Skype on your Windows computer. This update comes with C2C. One person noticed the issue appear and also noticed that phone numbers in emails suddenly appeared in blue (hyperlinks) with a Skype symbol next to them.

Solution 31: Uninstall C2C and the issue with locking up OWA when deleting email threads will go away.

Problem 32: Web.mail.mil / OWA keeps going to Lite version instead of regular version

Solution 32-1: Click Options, Accessibility, uncheck the Use the blind and low vision experience check box.

Solution 32-2: Follow NOTICE at top of this page regarding adding 'mail.mil' to your Compatibility View Settings.

Problem 33: When forwarding emails from web.mail.mil, the attachments are being stripped from the message.

Solution 33-1: They are hidden from your current view. Follow guidance in Problem 35 below)

Problem 34: Why can't I open or send an encrypted email now that I upgraded to Windows 8.1 (includes Internet Explorer 11 by default) or my Windows 7 or 8 computer now has Internet Explorer 11?

Solution 34:Add your OWA server [or any other websites that are not working] to the web browser's 'Compatibility View Settings' by following instructions on slide 21 of this guide. See Solution 7 above on how to install (or reinstall) the S/MIME control, also uncheck 'always show from' in mail settings (Options, See All Options.., Settings, Mail (tab) under Message Format)

Problem 35: I cannot see my attachments once I add them to a new email message in OWA when using Internet Explorer 11? How do I know they are actually there before I send the email out?

.

Solution 35-1: You have to add your OWA server [or any other websites that are not working] to the web browser's 'Compatibility View Settings' by following slide 21 in this guide. See Solution 7 above on how to install (or reinstall) the S/MIME control, also uncheck 'always show from' in mail settings (Options, See All Options.., Settings, Mail (tab) under Message Format)

Solution 35-2:Add the attachment to the email you are creating. Save the email as a draft. Close the email message, reopen it. You'll now see that the attachment is in the outgoing email.

Solution 35-3: Some people have added https://web.mail.mil to their Trusted Sites and claim it helps, I personally have not seen a need to add any sites to Trusted Sites when using web browsers newer than IE 8.

Solution 35-4: Use Google Chrome when sending attachments. Please know you cannot digitally sign or encrypt the email when using Chrome

Problem 36: What do the 3 letters mean before the @ sign?

Example: first.m.last.mil@mail.mil

Information 36:

Problem 37: After receiving a new CAC, you receive the following message when trying to use your CAC. 'A smart card was detected but is not the one required for the current operation. The smart card you are using may be missing required driver software or a required certificate.'

Solution 37: Your computer still has your certificates from your former CAC and is trying to them instead of your new CAC certificates. Follow slide 15 in this guide to clear them.

Problem 38: Receive the following error message 'Your current security settings do not allow this file to be downloaded.'

.

Solution 38: Open Internet Explorer, click Tools, Internet Options, Security (tab), select the Internet icon, click the Custom level.. (button), scroll down to the section titled Downloads and under File download make sure Enable is selected.

.

.

.

.

Problem 39: I can't access my webmail

.

Solution 39:Try disabling your Antivirus / web protection, if this works.

Avast users do this: Add *mail.mil* [and any other websites you can't access] to the Exclusions section of Main Settings, see image.

AVG users follow their guidance

Problem 40: Receiving 'This message contains an attachment encoded in a format that Outlook Web App doesn't recognize. Some of the information it contains may not be displayed in the message body.' when trying to open an attachment in an email using webmail.
Solution 40: The attachment could be corrupt. Have them to resend to you, they may also need to be send it unencrypted.

Question: What exactly is 'Dual Persona?'

Answer: The easiest way to explain is to give you an example: an Army Reserve [or Guard] Soldier who is also a DoD civilian [or contractor] who is authorized [or required] to have / carry / use two separate CACs. We are finding that people who were previously a contractor [or civilian] during the past three years [even if they left the job a year ago] are still classified as a Dual Persona in the eyes of DMDC and DISA.

Individuals that fall into this category HAVE to activate their PIV cert to be able to access their email on the DISA Enterprise Email.

CAC Reader / Smart Card Reader

The IOGEAR GSR202 is a TAA compliant USB Common Access Card Reader for military, government and even private sector workers who need everyday access to secure systems. Common Access Card (CAC) or Smart Card readers are used as a communications medium between the Smart Card and a host (e.g. a computer, point-of-sale terminal, network system, etc.) in secure systems such as those used by government, banking and health care.

IOGEAR's USB Common Access Card Readers require the card to be inserted directly into the reader where electrical contacts retrieve the data stored in the card’s chipset. IOGEAR’s physical contact readers are less prone to misalignment, which helps to eliminate the possibility of being misread.

What is a Smart Card or Common Access Card?

Often referred to as a Smart Card, the Common Access Card (or CAC) is the shape of a credit card, and is embedded with a data chip allowing specialized access. In addition to the embedded chip, Smart Cards are usually programmed with a PIN to ensure security for both the card holder and the system being accessed. Having reached tremendous adoption rates outside of the U.S., Smart Cards are now rapidly growing in this country to combat credit card fraud, while also providing the next generation of secure and user friendly identification. The federal government issues Common Access Cards programmed with a Personal Identification Verification (PIV) chip containing the data necessary for the cardholder to be properly identified and granted access to secure federal facilities and information systems. Smart Cards have been in use by the federal government in accordance with Homeland Security Presidential Directive 12 (HSPD-12) since 2006, and now the technology is rapidly spreading to banking, healthcare and other areas requiring identity verification and secured access.

What is FIPS 201?

FIPS 201 is a set of United States federal government technical standards and issuance policies specifying the Personal Identity Verification (PIV) requirements for federal employees and contractors. These standards dictate the manner by which authorized persons are granted physical and/or logistical access to federal government facilities and networks. IOGEAR’s Smart Card/Common Access Card readers are FIPS 201 compliant.

What is TAA Compliance?

TAA compliance indicates that a specific product follows the requirements outlined in the Trade Agreements Act of 1979, basically stating that the product is made in either the United States or a designated country. The designated country list includes those entered into free trade agreement with the U.S., those that take part in the World Trade Organization Government Procurement Agreement, those listed as a Least Developed Country (LDC), and others. Government purchase contracts, especially those for the Department of Defense, generally stipulate a product be TAA compliant in order to be considered for purchase. All of IOGEAR’s TAA compliant products meet the General Services Administration (GSA) Schedule requirements for government procurement. Additionally, several of these products are already listed on the GSA Approved Products List so government contractors, distributors and buying offices may refer to the following APL numbers listed below. Please also note that TAA compliance is not mandatory for all government agencies, so IOGEAR also offers a similar non-TAA compliant version of some products in order to provide lower pricing when TAA compliance is not required. For more information or questions about TAA compliance products, please contact us directly.

For a list of all IOGEAR TAA compliant products click here.

The following IOGEAR products are already listed on the GSA Schedule:
GSR202 USB Smart Card Reader: GSA APL #579
GSR203 Portable Smart Card Reader: GSA APL #693
GKBSR201 Keyboard w/Built-in Common Access Card Reader: GSA APL #612

For a list of all IOGEAR TAA compliant products click here.

How To Use Cac On Mac

The following IOGEAR products are already listed on the GSA Schedule:
GSR202 USB Smart Card Reader GSA APL #579
GSR203 Portable Smart Card ReaderGSA APL #693
GKBSR201 Keyboard w/Built-in Common Access Card ReaderGSA APL #612