ReleasePoSC 230525-1

User aliases and alias certificates

This function is not yet activated in the Service, but with this update the function is prepared to be put into operation at a later stage.

Through the user alias function, it is now possible to link users to an alias certificate, e.g., a certificate used for a user's administrator role on their own computer.

  • [PIDS-2] - The create user alias function to create an alias such as an administrator that is linked to the regular user.
  • [PIDS-16] - The right to create user aliases has been granted to the RA Central Officer.
  • [PIDS-7] - The right to issue alias certificates.
  • [PIDS-18] - The right to retrieve alias certificates through self-service has been granted to RA Subscriber.
  • [PIDS-6] - The option to retrieve your alias certificate yourself via self-service is now available. This provided that the user has an alias account.
  • [PIDS-5] - The ability to block individual certificates on tokens has been introduced. This is to be able to only block alias certificates and not have to block an entire token.
  • [PIDS-17] - The right to block individual certificates has been assigned to RA Local Officer and RA Central Officer.

SID (Security identifier)

Due to Microsoft's requirement that the SID be used as the unique identifier, this feature has been added. It also requires that the customer's active directory (AD) can be accessed.

  • [PIDS-4] - Creation and management of users now requires that the SID exists for the user and that the local AD can be accessed.


  • [PIDS-25] - New report, User with roles, which shows which roles users have.


  • [PIDS-29] - Update so that a Yubikey's printed serial number is also used as a logical serial number.

Bug fixes

  • [PIDS-19] - Updated text for issuing Yubikey which incorrectly showed the text Utfärda till surfplatta.
  • [PIDS-22] - The ability to register unregistered tokens from the front page is now removed.
  • [PIDS-23] - Prompt text when trying to display PUK on screen is now in Swedish instead of English.
  • No labels