matthewjnewton
asked on
Smart Card issues
Hello,
I've recently installed Server 2012 R2 and I am looking to deploy smart cards for users to logon to the domain. However, I am having a few issues enrolling users. I get the following Error message, The smart card requires drivers, which are not present on this system. Im not sure what the problem seems to be.
I have a GemPC Twin smart card reader. Attached Is a screen image of the issue.
Regards
I've recently installed Server 2012 R2 and I am looking to deploy smart cards for users to logon to the domain. However, I am having a few issues enrolling users. I get the following Error message, The smart card requires drivers, which are not present on this system. Im not sure what the problem seems to be.
I have a GemPC Twin smart card reader. Attached Is a screen image of the issue.
Regards
Gregory Miller
The smart card reader either requires another driver or it does not recognize the card you inserted. Are you able to read any cards from any client computer, looking beyond the authentication use?
ASKER
I can't really test it on anything else as I am in the process of setting the smart card system up until I've hit this issue.
OK, the card you have... Did it come with the reader, in the same box, that you have or did you get them separately? If they came together, you are simply missing drivers and probably need to hit the manufacturer website for updates. If they came separately, they may not work together or they need to be initialized by the reader first.
ASKER
Nope, I purchased the card separately. I have a brief description of the card its from Smart Card Focus. The item is described as GemClub Memo.
The cards are like an unformatted disk. I will bet if you dig in you will find you need to initialize it first so it is usable. I have never set one up from scratch.
ASKER
Do you know of any software that will help me format this card ?
The reader should unless it is only a reader. Like I mentioned, I have not set one up from scratch before.
Did the reader come with any drivers and did you install those drivers yet?
http://support.gemalto.com/index.php?id=pc_usb_tr_and_pc_twin
Everything you ever wanted to know about smart card but were afraid to ask...
http://www.smartcardalliance.org/pages/smart-cards-intro-standards
Format utility (use at own risk)
http://smart.software.informer.com/download-smart-card-format-utility/
Did the reader come with any drivers and did you install those drivers yet?
http://support.gemalto.com/index.php?id=pc_usb_tr_and_pc_twin
Everything you ever wanted to know about smart card but were afraid to ask...
http://www.smartcardalliance.org/pages/smart-cards-intro-standards
Format utility (use at own risk)
http://smart.software.informer.com/download-smart-card-format-utility/
ASKER
I believe its a reader writer, I have the latest drivers I'm still not sure about formatting the card though. I think more experts are required.
Is Server 2012 R2 a physical server or just a Virtual machine?
ASKER
Physical Machine my Server 2012 R2
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I feared that might of been the case. Just to confirm on smartware2u.com, they have two types of cards.
The Gemalto IDPrime.NET 510
And Gemalto IDPrime.NET 5500
I take it the first one is acceptable ?
The Gemalto IDPrime.NET 510
And Gemalto IDPrime.NET 5500
I take it the first one is acceptable ?
I take it the first one is acceptable ? YES, unless your project is to add Biometrics Match On Card authentication for the logon.
The correct Gemalto drivers are needed for the smart card AND the smart card you are using, usually supplied in the hardware box in a white CD case (eSigner). We use similar ones for our finance team -- they can be a pain to setup and worse when the bank switch USB card readers without telling me and expect them to work by magic.
you need the reader drivers first, then add the smart card drivers just after (in between restarts), when you connect the reader, let the server pickup the device first, and then use Device Manager to verify its connected and running normal (no yellow !). Then connect the smart card and then run the Gemalto Toolbox (sometimes the Classic toolbox depending on driver version). This will show you the options the the card supports and what you can do with them.
Or team is using the current Classic Client v6.0 SP1 (6.01.001.001) and eSigner v4.1.9.001. Gemalto will install a GemPcCCID package also should be v2.0,1 or better , again depends on model of readers and cards.
you need the reader drivers first, then add the smart card drivers just after (in between restarts), when you connect the reader, let the server pickup the device first, and then use Device Manager to verify its connected and running normal (no yellow !). Then connect the smart card and then run the Gemalto Toolbox (sometimes the Classic toolbox depending on driver version). This will show you the options the the card supports and what you can do with them.
Or team is using the current Classic Client v6.0 SP1 (6.01.001.001) and eSigner v4.1.9.001. Gemalto will install a GemPcCCID package also should be v2.0,1 or better , again depends on model of readers and cards.
In general, a particular CSP is required to be present on a given machine, either to enrol certificates (strictly, to generate key-pairs) to that CSP, or to be able to use certificates (especially on smart card) generated using that CSP. It is not required to be present on the Certificate Server, not for the purpose of generating the certificate, that is. If you try to log on to a machine using a smart card generated using a CSP which is not present on that machine, you get an error: The card supplied requires drivers which are not present on this system. Please try another card. This applies both to a local interactive logon, and also via remote desktop – it would be rather surprising if the latter were not the case.
You may want to try the Gemalto Smartdiag utility software that checks your configuration regarding all the Smart Card Components.
See how this helps using the tools
https://www.experts-exchange.com/questions/22490502/Smart-Card-Logon-Problems.html
diagnose - http://support.gemalto.com/index.php?id=classic_client_troubleshooter
tools - http://support.gemalto.com/index.php?id=download_tools
You may want to try the Gemalto Smartdiag utility software that checks your configuration regarding all the Smart Card Components.
See how this helps using the tools
https://www.experts-exchange.com/questions/22490502/Smart-Card-Logon-Problems.html
diagnose - http://support.gemalto.com/index.php?id=classic_client_troubleshooter
tools - http://support.gemalto.com/index.php?id=download_tools
ASKER
All sorted and working correctly. Thank you experts