Solved

Smart Card certificate not writing to card

Posted on 2012-04-06
4
1,726 Views
Last Modified: 2012-04-21
Hi,

I am trying to get smart card authentication working in my test environment before rolling out it out into production.

I am following this guide as it seems to be one of the more detailed guides online for server 2008 R2:

http://henrysluiman.blogspot.co.uk/2011/12/installing-windows-2008-r2-certificate.html

My main aim is to allow smart card authentication on Remote Desktop Services.
But at the moment i cannot get my certificate to write to the card.

My setup consists of:
1 x DC with Server 2008 R2 Std installed
main Roles are:
Active Directory Certificate Services
Remote Desktop Services

1 x Windows 7 Pro virtual machine joined to the domain.
1 x Gemalto .Net Smart Card
1 x HID Omniikey 3121 Smart Card Reader


When following the guide i get to the part where i have to insert my smart card, and the screenshot depicts a 'enter your pin' prompt.
However i do not get that prompt.

Has anyone had any experience with .Net Smart Cards in a server 2008 R2 environment?
0
Comment
Question by:P4AC
  • 2
4 Comments
 
LVL 22

Expert Comment

by:Paka
ID: 37846543
The first thing that comes to mind is - did you download and install the Gemalto Smartcard Minidriver on your certificate issuing machine?  This driver is located here:

http://www.gemalto.com/products/dotnet_card/resources/libraries.html
0
 

Accepted Solution

by:
P4AC earned 0 total points
ID: 37851346
Hi,

I have now resolved this issue.

When i was Duplicating the smart card user Template, i am prompted to select from two options:
Windows Server 2003 Enterprise
or
Windows Server 2008 Enterprise

I was choosing 2008, but apparently this option does not let you configure any Cryptographic Service Provider settings.

After starting from Scratch and choosing 2003 i can now configure correctly and have now managed to logon to a pc using a smart card.
0
 

Author Closing Comment

by:P4AC
ID: 37875031
Went through troubleshooting steps with Microsoft support who pointed me in the right direction
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question