Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Smart Card Issues when UnDocking laptop

Posted on 2014-11-18
Medium Priority
Last Modified: 2016-11-23
Hello guys, I'm having abit of an issue with smart cards. My company recently switched to full PIV card enforcement policies and everyone must use one now. However now an issue has came about where if someone removes their PIV card, undocks their laptop, and then re-inserts the card to unlock the unit while it is still undocked they receive an error stating "The system could not be unlocked. An error occurred trying to use this smart card. You can find further details in the event log. Please report this error to the system administrator". However if the unit is redocked it operates normally.

This has just started happening the past 2 months which is weird, nothing in the environment has really changed outside of vigorous patching being done on all units, perhaps a patch broke something? This has only effected 10 or so laptops (out of a few hundred) so far so if patching is the culprit it would seem odd to me.

I checked the event log for a unit I encountered with the issue and saw the following:

Log Name:      System
Source:        Microsoft-Windows-Smartcard-Server
Date:          10/31/2014 1:15:01 PM
Event ID:      616
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      (Omitted)
Reader monitor 'Dell Smart Card Reader Keyboard 0' received uncaught error code:  Access is denied.
Event Xml:

I'm not certain if this is in reference to the issue but it's the only entry I found in relation to a smart card listed as "Error". Also quite a few 615 errors (Reader removal monitor error retry threshold reached:  Access is denied.).

Any help appreciated, I'm at my wits end here.

Thank you.
Question by:howardallenIT
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 23

Expert Comment

ID: 40452224
Microsoft technet suggests the fault lies with the card reader.  My next step might be to call Dell product support (since it's a Dell keyboard) and inquire into current drivers.  I can understand this as an intermittent problem that could be model or component specific, rather than global.  IOW there could be a set of defective keyboardss.

Workaround seems pretty clear:  users remove smart key prior to undocking......

Author Comment

ID: 40452865
The only workaround currently is to fully shut down before you remove the laptop from the dock and power on afterwards, or do a reboot when you undock but at that point the screen will lock it self and you can't get back in due to the issue so you'll lose any unsaved work. Removing the smart card prior to undocking doesn't work either.

Author Comment

ID: 40452867
The card readers are working fine also.
LVL 23

Accepted Solution

David earned 2000 total points
ID: 40453272
I promise you something, somewhere, somehow, changed.

"Reader removal monitor error retry threshold reached" -- I'm going out on a limb here, but my guess is that something is supposed to monitor (running count?) when a card is removed, but the count is failing.  Does your company have any support, even post-sales, from the vendor who provided the equipment and software?

What, exactly, did the patch change?

Did the software engineer (who did the install) go back through the release notes and product guide?

This occurs to about five percent of the workstations after the patch.  Consider swapping one of the reliable readers with one that's failing.  Test both.  If the failure reoccurs, does it follow the reader or stay with the workstation.  If the failure follows the reader, I respectfully suggest something is different about the reader -- examples could include the model, manufacturer, age, driver version, card manufacturer, etc.

Likewise, test a failing workstation which a user whose own station is working.  Does the problem persist with the new, good card?

Is the card reader external?  If so, does it connect through a notebook port or a docking station port?

I've only worked with one kind of smart card, but in seven years, I've never experienced a card removal that didn't immediately lock the session.  For your affected group, how frequently would you say they're having to undock a workstation?

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We take a look at some of the most common obstacles that IT teams run into as they work relentlessly to keep all the alarms and sirens from going off at once.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question