Solved

Smart Card solution for PC access in an Active Directory domain environment

Posted on 2016-07-28
Last Modified: 2016-08-21
We have a small office. 1 domain server running Windows Server 2008. 12 computers (6 laptops and 6 desktops). Looking for a system that will allow us to log in by swiping a card.
Question by:rrincones
4 Comments
 
LVL 42

Accepted Solution

by:
Adam Brown earned 2000 total points
ID: 41733615
You need a few things...

1. A Certificate Authority - You can do this with Windows Server. Install the AD Certificate Services role. https://www.youtube.com/watch?v=8IVrQRkoDhg should go over the process of getting this set up.
2. A smart card writer
3. Smart card readers on all machines

There isn't a way to do login with a card "swipe," though. Smart cards have to be inserted and remain inserted throughout the session. If the card is removed, it will usually force logoff. The smart card stores a copy of the assigned user's Certificate and Private Key, which are used to authenticate and decrypt communications, so removing the smart card will usually result in communication with AD failing, so the card has to be inserted the entire time you're logged in.
1
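
The answer above says removing the card will usually force logoff; on Windows that reaction is set per machine by the "Interactive logon: Smart card removal behavior" policy and enforced by the Smart Card Removal Policy service. The following is an added example, not part of the original answer, that reports both on a workstation. The function name `Get-SmartCardRemovalStatus` is hypothetical, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: report how this workstation reacts when a smart card is pulled.
function Get-SmartCardRemovalStatus {
    $winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $policies = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

    # ScRemoveOption backs "Interactive logon: Smart card removal behavior".
    # It is stored as a string; a missing value is treated as "0" (No Action).
    $raw = (Get-ItemProperty -Path $winlogon -Name ScRemoveOption -ErrorAction SilentlyContinue).ScRemoveOption
    if ($null -eq $raw) { $raw = '0' }
    $behavior = switch ([string]$raw) {
        '0'     { 'No Action' }
        '1'     { 'Lock Workstation' }
        '2'     { 'Force Logoff' }
        '3'     { 'Disconnect if a Remote Desktop Services session' }
        default { "Unrecognized value '$raw'" }
    }

    # scforceoption = 1 backs "Interactive logon: Require smart card".
    $force = (Get-ItemProperty -Path $policies -Name scforceoption -ErrorAction SilentlyContinue).scforceoption

    # SCardSvr talks to the readers; SCPolicySvc enforces the removal behavior.
    $running = @{}
    foreach ($name in 'SCardSvr', 'SCPolicySvc') {
        $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
        $running[$name] = ($null -ne $svc -and $svc.Status -eq 'Running')
    }

    $findings = @()
    if ($raw -eq '0') {
        $findings += 'Removing the card leaves the session open and unlocked.'
    } elseif (-not $running['SCPolicySvc']) {
        $findings += 'Removal behavior is set but SCPolicySvc is not running, so it will not be enforced.'
    }
    if ($force -ne 1) {
        $findings += 'This machine does not require a smart card for interactive logon (per-user AD setting not checked).'
    }

    [pscustomobject]@{
        RemovalBehavior    = $behavior
        RequireSmartCard   = ($force -eq 1)
        SCardSvrRunning    = $running['SCardSvr']
        SCPolicySvcRunning = $running['SCPolicySvc']
        Findings           = $findings
    }
}

Get-SmartCardRemovalStatus | Format-List
```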
 

Author Comment

by:rrincones
ID: 41733805
OK. Thank you.

Any particular brand for reader and writer?
0
 
LVL 42

Expert Comment

by:Adam Brown
ID: 41753244
Not really. Anything that can read a smart card will do. The technology is very lightweight, so there probably isn't much difference between brands.
0
 

Author Closing Comment

by:rrincones
ID: 41764772
Thank you very much.
0
