Solved

Smart Card Issues when UnDocking laptop

Posted on 2014-11-18
4
603 Views
Last Modified: 2016-11-23
Hello guys, I'm having abit of an issue with smart cards. My company recently switched to full PIV card enforcement policies and everyone must use one now. However now an issue has came about where if someone removes their PIV card, undocks their laptop, and then re-inserts the card to unlock the unit while it is still undocked they receive an error stating "The system could not be unlocked. An error occurred trying to use this smart card. You can find further details in the event log. Please report this error to the system administrator". However if the unit is redocked it operates normally.

This has just started happening the past 2 months which is weird, nothing in the environment has really changed outside of vigorous patching being done on all units, perhaps a patch broke something? This has only effected 10 or so laptops (out of a few hundred) so far so if patching is the culprit it would seem odd to me.

I checked the event log for a unit I encountered with the issue and saw the following:

Log Name:      System
Source:        Microsoft-Windows-Smartcard-Server
Date:          10/31/2014 1:15:01 PM
Event ID:      616
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      (Omitted)
Description:
Reader monitor 'Dell Smart Card Reader Keyboard 0' received uncaught error code:  Access is denied.
Event Xml:

I'm not certain if this is in reference to the issue but it's the only entry I found in relation to a smart card listed as "Error". Also quite a few 615 errors (Reader removal monitor error retry threshold reached:  Access is denied.).

Any help appreciated, I'm at my wits end here.

Thank you.
IMG-1063.JPG
0
Comment
Question by:howardallenIT
  • 2
  • 2
4 Comments
 
LVL 23

Expert Comment

by:David
ID: 40452224
Microsoft technet suggests the fault lies with the card reader.  My next step might be to call Dell product support (since it's a Dell keyboard) and inquire into current drivers.  I can understand this as an intermittent problem that could be model or component specific, rather than global.  IOW there could be a set of defective keyboardss.

Workaround seems pretty clear:  users remove smart key prior to undocking......
0
 

Author Comment

by:howardallenIT
ID: 40452865
The only workaround currently is to fully shut down before you remove the laptop from the dock and power on afterwards, or do a reboot when you undock but at that point the screen will lock it self and you can't get back in due to the issue so you'll lose any unsaved work. Removing the smart card prior to undocking doesn't work either.
0
 

Author Comment

by:howardallenIT
ID: 40452867
The card readers are working fine also.
0
 
LVL 23

Accepted Solution

by:
David earned 500 total points
ID: 40453272
I promise you something, somewhere, somehow, changed.

"Reader removal monitor error retry threshold reached" -- I'm going out on a limb here, but my guess is that something is supposed to monitor (running count?) when a card is removed, but the count is failing.  Does your company have any support, even post-sales, from the vendor who provided the equipment and software?

What, exactly, did the patch change?

Did the software engineer (who did the install) go back through the release notes and product guide?

This occurs to about five percent of the workstations after the patch.  Consider swapping one of the reliable readers with one that's failing.  Test both.  If the failure reoccurs, does it follow the reader or stay with the workstation.  If the failure follows the reader, I respectfully suggest something is different about the reader -- examples could include the model, manufacturer, age, driver version, card manufacturer, etc.

Likewise, test a failing workstation which a user whose own station is working.  Does the problem persist with the new, good card?

Is the card reader external?  If so, does it connect through a notebook port or a docking station port?

I've only worked with one kind of smart card, but in seven years, I've never experienced a card removal that didn't immediately lock the session.  For your affected group, how frequently would you say they're having to undock a workstation?
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Not many admins are aware that GPOs can be activated and deactivated time-based. Time to change that :)
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the fileā€¦
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now