Results 1 to 6 of 6

Thread: Smart Card Logon

  1. #1
    Join Date
    Sep 2004
    Posts
    74

    Smart Card Logon

    We have few PCs running with Windows XP and Windows 200 and all these systems are connected with a single network. So far users need to login using their username and password. But I want to restrict all of them to login with smart card through the local computer security policy. Note, I want to do this only for users and not for the Admin. So can you guys please tell me how can I do this keeping an exception for Administrator to use Smart Card logon?

  2. #2
    Join Date
    Sep 2004
    Posts
    90

    Re: Smart Card Logon

    Most probably that is not possible unless and until you delete the local policy registry entry for Smart Card enforcement by login in to Safe Mode. You need to do this because there is no way to add Local account to an exception lists however you can do this on a User and Computer based enforcement in the Active Directory Domain. Once in safe mode, you will need to delete the Smart Card enforcement through Regedit or HKLM hive . Let me know if you need any more help.

  3. #3
    Join Date
    Sep 2004
    Posts
    56

    Re: Smart Card Logon

    By going to Active Directory you can restrict userís account to use Smart Card logon but remember that it will applied for any domain computer that they logon to. Also exception for Administrator will be bit difficult because computer configuration Group Policy applies to all systems connected with the domain.

  4. #4
    Join Date
    Jul 2004
    Posts
    141

    Re: Smart Card Logon

    First of all the registry key that enables Smart Card enforcement is [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\system] "SCForceOption"=dword:00000001

    And as far as I know you can disable the enforcement by deleting SCForceOption or setting its DWORD Value to 0. Remember that you need to boot the system in Safe Mode and login as Admionistrator.

  5. #5
    Join Date
    Sep 2008
    Posts
    2

    Smart Card Logon

    Good suggestion in regedit thanks.

  6. #6
    Join Date
    Sep 2008
    Posts
    2
    Good suggestion in regedit thanks.

Similar Threads

  1. How to Install Java Card CAP File into a Smart Card
    By mysalmon in forum Software Development
    Replies: 2
    Last Post: 22-09-2011, 12:01 PM
  2. Smart card is required for interactive logon
    By In_the_desert in forum Windows Security
    Replies: 4
    Last Post: 20-08-2010, 12:04 PM
  3. Replies: 5
    Last Post: 21-07-2010, 04:20 AM
  4. Replies: 2
    Last Post: 27-05-2009, 06:50 PM
  5. Smart Card Certificate based logon with Windows XP SP2
    By Kr8zyCanuck in forum Operating Systems
    Replies: 2
    Last Post: 05-11-2008, 04:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •