Solved

I can't get TS Gateway (SBS 2008) to authenticate using a Smartcard

Posted on 2010-09-01
3
704 Views
Last Modified: 2013-11-21
I am running SBS 2008 and I am trying to require Smartcard authentication for TS Gateway access.  I am using eToken USB devices from Aladdin.  I have configured the system and I can successfully log in to a workstation with the eToken client installed using Smartcard authentication, so I believe my PKI infrastructure (CA and such) are working correctly.

I have configured the TS Gateway CAP to use Smartcard authentication only, but I am having the following results:

If I try and login using the RDP 7 client and I specify the use of a gateway, I get the screen requiring my PIN to unlock the Smartcard, but it won't authenticate.  It keeps asking for my PIN as if the Smartcard did not unlock or it didn't recognize the Certificate.

If I login using RWW and "connect to computer", it logs on using PW authentication and never asks for the Smartcard login.
0
Comment
Question by:luis-brown
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 39

Accepted Solution

by:
Philip Elder earned 250 total points
ID: 33583388
The only SBS tested product that I have seen that really works is called AuthAnvil by Scorpion Software.

Fellow MVP Dana Epp is the owner of the company.

We use both key fob and soft tokens (Windows Mobile, iPhone, etc) for our key generation.

http://www.scorpionsoft.com/

Philip
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34732616
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question