We use smartcards in our environment. We currently use ActivClient as a middleware for reading smartcard certificates. We are using middleware simply because it's a hold-over from when Windows XP couldn't read smartcards and have never moved away from it. We've always had issues with reading/passing certificates in our environment due to many WAN links (slow and fast) etc., so I wanted to evaluate the use of integrated Windows smartcard reading on our cards and in our enviornment and have hit a bit of a snag. Our smartcards contain 4 certificates, on normal ad account, 2 email, and 1 admin account. Once I uninstalled the ActivClient middleware from my machine and rebooted, I was initially only able to see my admin certificate (which is the last certificate listed on the card in top-down order). I have two card readers on my system (one internal, one usb on desktop) and all I did was switch the card between the readers and then 3 certs displayed (expected behavior). At which case, I was able to log in. My coworker on the other hand, ran through the same series of steps (uninstall ActivClient, reboot, one cert). But he didn't have two smartcard readers so i unplugged my usb smartcard reader and gave it to him to test with. Unfortunately, his system did not respond the same way (mine Win7 x64, his Win7 x86). I thought it might just be publishing certs to Windows but we have Group Policy configured to auto-publish certs when the insertion of the smartcard. We also have "Force the reading of all certificates from the smart card" enabled. I'm not too bright on certificate management so any assistnace is appreciated. Thx.

HI, below is some articles about smart card logon. Smart Card Logon and AuthenticationSmart Card Logon and Authentication : http://blogs.msdn.com/b/windowsvistanow/archive/2008/03/26/smart-card-logon-and-authentication.aspx Smart Card Logon on Windows Vista: http://blogs.msdn.com/b/shivaram/archive/2007/02/26/smart-card-logon-on-windows-vista.aspx http://support.microsoft.com/kb/281245 From the artilce, we should know the Certificate for CA issuing smart Cart logon must be published to ADNtauthcertificates. Best regards, Jason Mei Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

HI, below is some articles about smart card logon. Smart Card Logon and AuthenticationSmart Card Logon and Authentication : http://blogs.msdn.com/b/windowsvistanow/archive/2008/03/26/smart-card-logon-and-authentication.aspx Smart Card Logon on Windows Vista: http://blogs.msdn.com/b/shivaram/archive/2007/02/26/smart-card-logon-on-windows-vista.aspx http://support.microsoft.com/kb/281245 From the artilce, we should know the Certificate for CA issuing smart Cart logon must be published to ADNtauthcertificates. Best regards, Jason Mei Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, How are things going? I have not heard back from you in a few days and wanted to check on the status of the problem. Please let me know how the troubleshooting turned out. Your time is appreciated.Best regards, Jason Mei Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.