Yubico Forum https://forum.yubico.com/ |
|
Windows 10 AD Logon https://forum.yubico.com/viewtopic.php?f=23&t=2367 |
Page 1 of 2 |
Author: | TSM [ Tue Jul 12, 2016 6:50 pm ] |
Post subject: | Windows 10 AD Logon |
I have setup my key in our Windows CA, I can do initial login on windows 7 machines without an but not windows 10, all I get in the error log is the message below. I am able to unlock a machine with my key though on W10. Code: An error occurred while signing a message using the inserted smart card: An unexpected card error has occurred. Is there a problem or should the certificate have been setup differently from the guide. |
Author: | porloepp [ Thu Oct 13, 2016 8:14 am ] |
Post subject: | Re: Windows 10 AD Logon |
Hi, I have the Same Problem, but only tested with Windows 10. Could anybody help ?? Regards, Frank |
Author: | mattlegitt [ Thu Oct 13, 2016 7:41 pm ] |
Post subject: | Re: Windows 10 AD Logon |
Hello Frank, Can you please provide details as to your setup? What version of Windows are you using for your CA? Windows 2008 or Windows 2012? Best Regards, Matthew Yubico Support |
Author: | matthewarmitage [ Mon Nov 21, 2016 7:31 pm ] |
Post subject: | Re: Windows 10 AD Logon |
My Team is experiencing this exact problem as well. Windows 10, and 8.1 logon doesn't work, however "run as", RDP sessions, and Windows 7 logons work. Also unlocking computers works as well. We have a 2008r2 CA. I followed the documentation at https://www.yubico.com/wp-content/uploa ... _FINAL.pdf as best I could, but due to the interface being a bit different, there are a few changes. Any luck solving this? |
Author: | sep1 [ Mon Nov 28, 2016 11:52 am ] |
Post subject: | Re: Windows 10 AD Logon |
We have same problem, Windows 10 machines with 2012 r2 CA and 2012 r2 AD environment I'm only able to open locked sessions with smart card but not log in to windows 10 machines. |
Author: | k1k1 [ Fri Dec 02, 2016 6:36 pm ] |
Post subject: | Re: Windows 10 AD Logon |
I also have the exact same problem. Please advise! |
Author: | dnbrown [ Fri Dec 02, 2016 8:00 pm ] |
Post subject: | Re: Windows 10 AD Logon |
I have my environment setup with AD 2012 R2/CA 2012 R2 and working fine with Win7/10 using YK4's via PIV. Let me know if I can be of assistance. |
Author: | k1k1 [ Sun Dec 04, 2016 9:04 pm ] |
Post subject: | Re: Windows 10 AD Logon |
Hi I got this from support, so I'm really interested in how you did get it to work for Windows 10? // We have confirmation from Microsoft this is indeed a bug in the Smart-Card authentication on Windows, the bug only affects the YubiKey as it contains multiple applets and the Smart-Card authentication process in Windows 10 does not properly send the applet select command to select the CCID applet for authentication, unfortunately the fix for this will not be available until the next Anniversary update for Windows due out in Spring 2017. we are continuing to work with Microsoft in hoping we can persuade them to release the fix sooner. The bug was introduced when Microsoft began to make changes to the authentication providers as they have begun to deprecate some legacy cryptographic algorithms such as SHA-1. |
Author: | dnbrown [ Mon Dec 05, 2016 3:04 pm ] |
Post subject: | Re: Windows 10 AD Logon |
I sent you a PM so that we can figure this out and we can come back here to post what we found. I never have run into this error. We have been running PIV for about a year with 450 users. |
Author: | k1k1 [ Tue Dec 06, 2016 9:16 pm ] |
Post subject: | Re: Windows 10 AD Logon |
I can't answer to your PM, I'm not trusted Can someone help me? |
Page 1 of 2 | All times are UTC + 1 hour |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |