Configure Windows Logon\Device Unblock\Diagnostics

Enables users to use PKI Client to register certificate on their smart cards for Windows Logon, and to unlock a device locked due to too many failed authentication attempts.
Also permits enabling of diagnostics mode by default in PKI Client.
If not enabled, these additional options will not be available to users and diagnostics mode will not be enabled by default.

Supported on: Windows 10

If selected, users will be able to register a device for Windows Logon.

Enable users to register for Windows Logon

Registry Hive	HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER
Registry Path	Software\Policies\Symantec\PKI Client\4
Value Name	AllowTrayRegLogon
Value Type	REG_DWORD
Default Value	0
True Value	1
False Value	0

If activated, users will be able to unblock a PIV device.

Enable users to unblock PIV devices

Registry Hive	HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER
Registry Path	Software\Policies\Symantec\PKI Client\4
Value Name	AllowTrayUnblock
Value Type	REG_DWORD
Default Value	0
True Value	1
False Value	0

If activated, diagnostics mode will be opened by default when launching PKI Client.

Enable diagnostics mode by default

Registry Hive	HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER
Registry Path	Software\Policies\Symantec\PKI Client\4\Features\Console
Value Name	DefaultDiagnosticsMode
Value Type	REG_DWORD
Default Value	0
True Value	1
False Value	0

symantecpkiclient4.admx

Administrative Templates (Computers)

Symantec PKI Client

Administrative Templates (Users)

Symantec PKI Client