Hi there, Some computers in our domain need to have certificate propagation enabled (for smartcard logons) However, the certificate propagation service fails to start. The services required by the certificate propagation service are running and it uses the local system account to run. I don't see any errors regarding the startup failure, only "The certificate propgation service entered the stopped state" What could this be?

Hi , Did you receive any error when trying to start Certificate propagation service manually? It seems this service is controlled by the domain configuration. Thus, you cannot change the status manually. The certificate propagation service applies when a logged-on user inserts a smart card in a reader that is attached to the computer. This action causes the certificate to be read from the smart card. The certificates are then added to the user's Personal store. The service action is controlled by using Group Policy. For information about Group Policy and Group Policy settings, see Smart Card Group Policy and Registry Settings. More information about Certificate Propagation Service, please see: http://technet.microsoft.com/en-us/library/ff404288.aspx Here is a document about deploying smart cards with Windows Vista for your reference. See "Windows Vista Smart Card Infrastructure" on the Microsoft Download Center (http://go.microsoft.com/fwlink/?LinkID=111969).Tracy Cai TechNet Community Support

Hi tracy, When trying to start the service manually it says: "The certificate propagation service on local computer started and then stopped. Some services stop automatically if they are not in use by other services or programs" I have a co worker with a similar AD account/computer (resides in the same OU and has the same group policy) and he can start/stop the service without a single problem. The option "allow service to interact with desktop" is turned off under the logon tab of the service properties.

Removing all "ActivIdentity" software from the system was the solution. This third party software hijacked the smartcard propagation.

Removing all "ActivIdentity" software from the system was the solution. This third party software hijacked the smartcard propagation.

Hi , I am glad to hear that you have found the solution. Thank you for coming back and let us know the result:). Best Regards.Tracy Cai TechNet Community Support