Howdy everyone,
So...I've grabbed up some Gemalto .NET 2.0 smart cards to hopefully use as A.D. authentication and other various requirements. So, what I've done is on my PKI
Requested an Enrollment Agent cert
Duplicated the template Smartcard Logon and set accordingly:
* Purpose: Signature and smartcard login
* Cryptography: Must use one of the following: Microsoft Base Smart Card Crypto Provider
* Issuance: Requires 1 signature, Application Policy/Certificate Request Agent
I'm able to successfully get a cert and confirmed with the certutil scinfo command.
When I try to RDP to a server or workstation I get the following message
Remote Desktop Connection
An authentication error has occurred
The function requested is not supported
Remote computer: *computer name*
When logging in directly onto a machine (after PIN verification):
Signing in with a smart card isn't supported for your account
I have Domain Controller certs on my DC's (combination of 2008 R2 and 2012) that include purposes of Client/Server/Smart Card Logon
I'm obviously forgetting something?
Thanks
- Edited by CompNerd84 Wednesday, August 26, 2015 3:33 PM formatting