USB smart card reader and RDP connections
Hello, I have a user who primarily works from our satellite office and has a desktop down there, but she is working from headquarters for the week and typically borrows a laptop to remote to her desktop and then RDP from there to her VMs running on a clients network. In able to establish this connection, she is using a smart card reader connected via USB to her desktop. Typically we have given her older Dell D820's to use as a loaner, which do not have onboard smartcard readers, but this time we gave her a Latitude E6500 that does have an onboard reader. I will explain why I believe this is relevant later. So just to be extra clear, we are RDP'ing to her desktop at the satellite office. From there she attempts to work as usual by opening an RDP session to a machine on the client network. It does not detect the smart card. I opened the device manager and saw it detected the reader and the smart card, both were enabled with correct drivers. We closed out the RDP session and after looking through the device manager of the laptop, I noticed it too had a smart card (onboard), and thinking it may be conflicting, I disabled it. We once again RDP'ed to her desktop and this time it did not even give us the option to insert a smart card. So next thing we tried was completely uninstalling the smart card reader drivers from the laptop, and stopping the smart card service. We even disabled the "share smart card" from the RDP settings. Still not giving us the smart card option while trying to RDP to the client machine. Once we installed the drivers again on the laptop, the option showed up. Therefore, I think it is attempting to use the onboard smart card reader for the laptop even after being RDP'ed to her desktop, and of course the smart card is in the usb reader connected to the desktop 150 miles away. I had her call a colleague down there and have them log in as her and attempt to establish the RDP connection. They were successful. How do I tell the machine to use the USB card reader physically connected to establish the connection rather than the onboard of the laptop? Any help is appreciated. Both desktop and laptop are on Windows 7 Enterprise x64.
September 12th, 2011 8:30pm

Hi, I guess you are using Smart Card redirect. Does it make any difference when you only disable the on board smart card reader? You cannot disable Smart Card service and share Smart Card option, this should redirect the Smart Card device. For more information, please access the link below. http://technet.microsoft.com/en-us/library/cc759595(WS.10).aspx Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
September 13th, 2011 11:56am

Thank you for replying. When I disable the onboard card, the option to use a smart card disappears entirely from the desktop that has a known working usb reader connected to it. It's like the RDP only sees the onboard of the laptop because we are connected via laptop, even though we are working from the desktop and trying to RDP out from it (double hop). I was curious if there is a way to specify which reader to use.
September 13th, 2011 4:31pm

Hi, Please check whether the following is true. http://blogs.technet.com/b/instan/archive/2011/03/27/why-can-t-i-see-my-local-smartcard-readers-when-i-connect-via-rdp.aspx To enable smart card logon to a Remote Desktop Session Host (RD Session Host) server, the Key Distribution Center (KDC) certificate must be present on the RDC client computer. http://technet.microsoft.com/en-us/library/ff404286(WS.10).aspx Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
Free Windows Admin Tool Kit Click here and download it now
September 14th, 2011 6:18am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics