Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Why do my installed SSL Client Certificates show up when I log into a profile locally but they do not when I log into the profile remotely through terminal services?

Posted on 2008-06-25
7
Medium Priority
?
208 Views
Last Modified: 2010-04-21
Here's the scoop: I just installed SSL Client Certificates for a profile on my server. When I log into the profile locally, the certificates show up. When I login remotely through terminal services, they don't.

To give some background, I have police laptops that remote into a server with locked down profiles using 3G air cards plugged into toughbooks. Once logged into the server, they access their database and are able to surf to a list of whitelisted websites in IE6.

One particular website uses SSL security certificates to verify client identities. When I go to this particular website, using the same profile, the certificates work fine when logged in locally but don't show up when logged in remotely.

Any guidance on what security settings are causing this and how to fix this?
0
Comment
Question by:malatex
  • 4
  • 3
7 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21869433
When you say "when logged on locally," do you mean logging on to the terminal server directly using the user's name and password?  How do you have the profiles set up for TS users, using roaming profiles or just local profiles on the TS?
0
 

Author Comment

by:malatex
ID: 21869951
I'm almost positive they are just local profiles on the TS. Since we aren't running a VPN I'm not sure that roaming profiles would even work. I apologize for my ignorance as I'm a tech doing admin work that is kinda' outside of my current skill set.
0
 

Author Comment

by:malatex
ID: 21869958
Oops... I should add that yes, when I say "logged on locally" I mean physically sitting down at the server and logging on.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 2000 total points
ID: 21875082
If they log on to the TS using domain accounts, as opposed to local accounts on the TS, you need to check in the users' properties in Active Directory to see if they have roaming profiles set up.  If they're logging on locally with accounts that are created locally on the TS, then check out their local accounts to see if their profiles are using a different path than the local default (i.e., C:\Documents and Settings, etc.) path.  
0
 

Author Comment

by:malatex
ID: 21876911
The setup is actually using a workgroup as opposed to a domain, as lame as that is. Interestingly enough, while reading your post it occured to me what happened. I forgot that the Police Department is running a terminal server and a separate file server and the user installed the licenses on the file server. I had her remote into the TS using the same login and install a test certificate and it worked fine. Since we have the profiles locked down hardcore, I had to find a way to temporarily disable the group policy settings so I found a program that could do that: http://www.petri.co.il/killpol.htm
Worked like a charm once we found a backdoor to run the program from her flash drive. From there we were able to get the licenses to show and although there are a few quirks still, I seem to have figured out what was going wrong. Thanks a lot for the help and for inspiring a resolution.
0
 

Author Closing Comment

by:malatex
ID: 31470735
I'm not sure what the proper protocol is for this since you didn't actually come up with the exact solution but I gave you partial ratings, A (Excellent) grade for your help.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 21877496
Hey - glad you found the resolution, and thanks for awarding the points!
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to use a free utility called 'Parkdale' to easily test the performance and benchmark any Hard Drive(s) installed in your computer. We also look at RAM Disks and their speed comparisons.
This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question