Vista logon with smart card

  • Thread starter Thread starter TRossi
  • Start date Start date
T

TRossi

How do I configure Vista to allow me logon to my home computer using a DoD
issued smart card. It is currently used to access my DoD e-mail and for
e-signature authorization, and has the ability to logon to DoD owned systems
& networks. The card reader and 3rd party software (Activeclient) are both
cuurently installed and working properly
 
How do I configure Vista to allow me logon to my home computer using a DoD
issued smart card. It is currently used to access my DoD e-mail and for
e-signature authorization, and has the ability to logon to DoD owned systems
& networks. The card reader and 3rd party software (Activeclient) are both
cuurently installed and working properly

Unless your computer is joined to the domain/forest from which the card was
issued, you can't use the card for logon. Smart card logon to a Windows
system requires Kerberos authentication and in a work group environment you
don't have Kerberos.
 
TRossi said:
How do I configure Vista to allow me logon to my home computer using a DoD
issued smart card. It is currently used to access my DoD e-mail and for
e-signature authorization, and has the ability to logon to DoD owned
systems
& networks. The card reader and 3rd party software (Activeclient) are
both
cuurently installed and working properly
Why do you even want to be able to use a government-owned smart card on your
personal computer? You need to set up a smart card for your own personal
usage and keep the two applications separate for security reasons. I don't
think you have thought this through properly.
 
Paul,

Is this a Vista OS issue? DoD owned laptops running XP which are issued by
my HQ are configured to allow smart card login without network / domain
connection. The initial smart card login requires netwrok / domain
connection, but all usage after does not. And to be honest I have no idea
what a Kerberos is. I am not an IT person just an end user with a bit more
knowledge than the average joe.
 
Is this a Vista OS issue? DoD owned laptops running XP which are issued by
my HQ are configured to allow smart card login without network / domain
connection. The initial smart card login requires netwrok / domain
connection, but all usage after does not.

No, this is not a Vista issue. The DoD owned laptops are joined to one of
the DoD domains which is why you can logon with the CAC. They need to be
connected to the domain for the initial logon at which time logon
credentials are cached. Once the credentials are cached, they can logon
with no connection.
Your home computer is not joined to one of the DoD domains so you'll never
be able to use your CAC for logon.
 
TRossi,
Disregard the gentlemens answers below, they obviously do not know your
needs for CAC login (AKO Guest Acct Management, LOGSA, HRC, etc.

Here is what you need to do:
1. Login to AKO, go to "Quick Links" "CAC Resource Center"
2. Follow the instructions and download Active Client 6.0 or 6.1 (32 bit file)
3. Open the middleware (Active Client), go to the "Tools" tab, "Advanced",
"Make Certificates Available to Windows"
4. Register your CAC with AKO (unless you have already done so from a
military domain).

This will get you going...........
Chief Out
 
Anyone know how to resolve the incompatibility issues with Vista and
Citibank credit cards virtual card numbers?
Thanks
 
I have to disagree - this is not a DoD problem. My personal desktop - which
is running XP - was not issued by the government and has never been in their
possession. However, XP allowed me to set up the reader and drivers and is
working with no gliches using my DoD issued smart card. This has to be a
Vista problem - I downloaded the drivers for another reader onto my laptop;
seems to be working. But not allowing the website to see my certificate.
Vista is telling me that it doesn't have enough information about the issuer.
Sounds like a security setting....????
 
I have to disagree - this is not a DoD problem. My personal desktop - which
is running XP - was not issued by the government and has never been in their
possession. However, XP allowed me to set up the reader and drivers and is
working with no gliches using my DoD issued smart card. This has to be a
Vista problem - I downloaded the drivers for another reader onto my laptop;
seems to be working. But not allowing the website to see my certificate.
Vista is telling me that it doesn't have enough information about the issuer.
Sounds like a security setting....????

You're comparing apples to oranges here. The original post was asking about
using the CAC card to logon with, not simply to access a web site.
 
Back
Top