Smart Card Issues when UnDocking laptop

Hello guys, I'm having abit of an issue with smart cards. My company recently switched to full PIV card enforcement policies and everyone must use one now. However now an issue has came about where if someone removes their PIV card, undocks their laptop, and then re-inserts the card to unlock the unit while it is still undocked they receive an error stating "The system could not be unlocked. An error occurred trying to use this smart card. You can find further details in the event log. Please report this error to the system administrator". However if the unit is redocked it operates normally.

This has just started happening the past 2 months which is weird, nothing in the environment has really changed outside of vigorous patching being done on all units, perhaps a patch broke something? This has only effected 10 or so laptops (out of a few hundred) so far so if patching is the culprit it would seem odd to me.

I checked the event log for a unit I encountered with the issue and saw the following:

Log Name:      System
Source:        Microsoft-Windows-Smartcard-Server
Date:          10/31/2014 1:15:01 PM
Event ID:      616
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      (Omitted)
Description:
Reader monitor 'Dell Smart Card Reader Keyboard 0' received uncaught error code:  Access is denied.
Event Xml:

I'm not certain if this is in reference to the issue but it's the only entry I found in relation to a smart card listed as "Error". Also quite a few 615 errors (Reader removal monitor error retry threshold reached:  Access is denied.).

Any help appreciated, I'm at my wits end here.

Thank you.
IMG-1063.JPG
howardallenITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DavidSenior Oracle Database AdministratorCommented:
Microsoft technet suggests the fault lies with the card reader.  My next step might be to call Dell product support (since it's a Dell keyboard) and inquire into current drivers.  I can understand this as an intermittent problem that could be model or component specific, rather than global.  IOW there could be a set of defective keyboardss.

Workaround seems pretty clear:  users remove smart key prior to undocking......
0
howardallenITAuthor Commented:
The only workaround currently is to fully shut down before you remove the laptop from the dock and power on afterwards, or do a reboot when you undock but at that point the screen will lock it self and you can't get back in due to the issue so you'll lose any unsaved work. Removing the smart card prior to undocking doesn't work either.
0
howardallenITAuthor Commented:
The card readers are working fine also.
0
DavidSenior Oracle Database AdministratorCommented:
I promise you something, somewhere, somehow, changed.

"Reader removal monitor error retry threshold reached" -- I'm going out on a limb here, but my guess is that something is supposed to monitor (running count?) when a card is removed, but the count is failing.  Does your company have any support, even post-sales, from the vendor who provided the equipment and software?

What, exactly, did the patch change?

Did the software engineer (who did the install) go back through the release notes and product guide?

This occurs to about five percent of the workstations after the patch.  Consider swapping one of the reliable readers with one that's failing.  Test both.  If the failure reoccurs, does it follow the reader or stay with the workstation.  If the failure follows the reader, I respectfully suggest something is different about the reader -- examples could include the model, manufacturer, age, driver version, card manufacturer, etc.

Likewise, test a failing workstation which a user whose own station is working.  Does the problem persist with the new, good card?

Is the card reader external?  If so, does it connect through a notebook port or a docking station port?

I've only worked with one kind of smart card, but in seven years, I've never experienced a card removal that didn't immediately lock the session.  For your affected group, how frequently would you say they're having to undock a workstation?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Laptops Notebooks

From novice to tech pro — start learning today.