I have a computer that is in a workgroup (long story) and I'm trying to save domain credentials in Credential Manager as "*.example.com". If I use "normal" password based credentials the persistence type is shown as "Enterprise" and they are saved across logout/reboot. However, if I use certificate/smartcard credentials the persistence is shown as "logon session" and they are gone after a reboot. Is this by design, and, if so, why?

Hi, Thanks for posting in Technet. You may not have proper permission. Enrolling for a smart card certificate It indicates: A domain user cannot enroll for a Smart Card Logon certificate (which provides authentication) or a Smart Card User certificate (which provides authentication plus other uses of the smart card cryptography) unless a system administrator has granted the user access rights to the certificate template that is stored in Active Directory. Enrollment for a smart card certificate must be a controlled procedure, in the same manner that employee badges are controlled for purposes of identification and physical access. You may contact your domain administrator for more assistances. Arthur Xie TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Arthur, Thanks for the reply. The user already has a SmartCard and was enrolled for a certificate. SmartCard authentication works fine from this computer, but has to be done each time a network resource is accessed. My question is how to save those credentials in Windows "Credential Manager" longer than just the current logon so the user doesn't have to authenticate each time he accesses a network resource.

Hi, I suspect that the certificates are not imported from Smart Card. Have you read the detail instruction in the following article? Guidelines for enabling smart card logon with third-party certification authorities You may check if the certificate is in local certification store after you log in with smart card in Windows 7. Also you may open Event Viewer, search for Security log and System log to try to find some clues. If the certification are imported into local store, you should not need to add the certification in Credential Manager.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, I just want to touch base and check if there is anything that I can do for you on this service request. If so, please do not hesitate to let me know and I will be happy to help.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.