RAAUZYUW RUEWMFU9134 2442044-UUUU--RUCRNAD.
ZNR UUUUU ZUI RUENAAA9134 2442044
R 012042Z SEP 05 PSN 042697K28
FM CNO WASHINGTON DC
TO NAVADMIN
ZEN/NAVADMIN @ AL NAVADMIN(UC)
INFO ZEN/CNO CNO
BT
UNCLAS
SUBJ: IMPLEMENTATION OF PKI AUTHENTICATION FOR DADMS
FM CNO WASHINGTON DC//ACNO(IT)/N098//
TO NAVADMIN
UNCLAS
NAVADMIN 219/05
UNCLAS
MSGID/GENADMIN/CNO WASHINGTON DC/N098/SEP//
SUBJ/IMPLEMENTATION OF PKI AUTHENTICATION FOR DADMS//
REF/A/MEMO/DONCIO/19MAY2003//
REF/B/EMAIL/ACNO(IT)/29JUL2005//
AMPN/REF A IS SMART CARD AND PKI POLICY. REF B ANNOUNCED THAT PKI
AUTHENTICATION WOULD BE REQUIRED AS OF 22 AUG 2005 TO ACCESS DADMS.//
POC/KATHLEEN OBERT/CIV/ACNO(IT)/LOC:LOC:WASHINGTON DC



PAGE 02 RUEWMFU9134 UNCLAS
/TEL:(703)604-7813/EMAIL:kathleen.obert@navy.mil//
POC/DOUG BURNS/CIV/ACNO(IT)/LOC:LOC:WASHINGTON DC/TEL:(703)604-7813
/EMAIL:douglas.burns@navy.mil//
RMKS/1.  EXECUTIVE SUMMARY.  THIS IS A COORDINATED DON CIO AND
ACNO(IT) MESSAGE.  IN ACCORDANCE WITH REFS A AND B, THIS MESSAGE
IMPLEMENTS THE USE OF CAC AND PUBLIC KEY INFRASTRUCTURE (PKI) TO
ACCESS THE DEPARTMENT OF THE NAVY APPLICATIONS AND DATABASE
MANAGEMENT SYSTEM (DADMS).
2.  EFFECTIVE 06 SEP 2005 PKI AUTHENTICATION SIGN-ON WILL BE
REQUIRED TO ACCESS DADMS. THIS ACTION WAS DELAYED FROM 22 AUG 2005,
PREVIOUSLY ANNOUNCED IN REF B, TO COINCIDE WITH SCHEDULED COMPLETION
OF NETWORK AND SERVER REGISTRATION.  THIS ACTION IS BEING TAKEN TO
PROVIDE ADDITIONAL ASSURANCE THAT ONLY PERSONNEL AUTHORIZED BY THE
CURRENT DADMS ACCESS CONTROL PROCESS HAVE ACCESS TO THE NETWORK AND
APPLICATION INFORMATION CONTAINED IN DADMS. DADMS USERS MUST EITHER
HAVE A VALID PKI SOFTWARE CERTIFICATION (SOFTCERT) INSTALLED ON THEIR
SYSTEM OR USE A COMMON ACCESS CARD (CAC) READER AND SOFTWARE TO
PROVIDE THE AUTHENTICATION.
3.  DADMS USERS ARE ADVISED THAT PKI SOFTCERTS HAVE AN EXPIRATION
DATE AT WHICH TIME THE SOFTCERT WILL BECOME INVALID.  SOFTCERTS ARE



PAGE 03 RUEWMFU9134 UNCLAS
NO LONGER BEING ISSUED.  ONCE THE SOFTCERT EXPIRES THE USER WILL BE
REQUIRED TO USE THEIR CAC FOR AUTHENTICATION.
4.  USERS OF NMCI PROVIDED DESKTOPS COMPUTERS OR LAPTOPS ARE
PROVIDED THE CAC READER AND ACTIVCARD GOLD SOFTWARE REQUIRED FOR
AUTHENTICATION PURPOSES. IN ADDITION TO THE CAC AND ACTIVCARD GOLD
SOFTWARE, USERS MUST ENTER THEIR INDIVIDUAL PERSONAL IDENTIFICATION
NUMBER (PIN) CODE WHICH THEY CREATED WHEN THEIR CAC WAS ISSUED.
5.  USERS ACCESSING DADMS FROM NON-NMCI COMPUTERS MUST HAVE A CAC
READER ATTACHED TO THEIR PC AS A PERIPHERAL AND HAVE THE ACTIVCARD
GOLD PKI CAC SOFTWARE INSTALLED TO PROVIDE THE AUTHENTICATION.
6.  PKI AUTHENTICATION IS IN ADDITION TO THE USER ID AND PASSWORD
CURRENTLY REQUIRED IN ORDER TO LOG ONTO DADMS.  PKI AUTHENTICATION
DOES NOT CHANGE THE CURRENT METHOD OF OBTAINING ACCESS TO DADMS.
ANY DADMS USER ID AND PASSWORD PROBLEMS SHOULD STILL BE REPORTED TO
THE DADMS HELP DESK.  CAC PROBLEMS ARE TO BE REPORTED TO COMMAND CAC
ISSUING ACTIVITIES SINCE THE DADMS HELP DESK CANNOT ASSIST WITH CAC
PROBLEMS.  USE OF THE CAC TO ACCESS DADMS CAN BE TESTED IMMEDIATELY
AND IS ENCOURAGED TO INSURE CAC PROBLEMS HAVE BEEN ADDRESSED PRIOR TO
THE PKI AUTHENTICATION BEING IMPLEMENTED ON 06 SEP 05.
8.  RELEASED BY RDML R.D. REILLY, JR., DEPUTY ACNO(IT).//
BT
#9134







NNNN