We had a problem yesterday using smart card in our domain. It had turned out that the CRL had expired on the rootca and the policyca1 certificate servers. I republished the CRL and the errors that were occuring using the dsstore command dissapeared.
However, i am still getting the message "credentials could not be verified" when i try and log on using a smartcard. I have tried issueing a new certificate but still get the same error.