Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 9:49 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 3 posts ] 
Author Message
PostPosted: Tue Jan 20, 2015 10:39 pm 
Offline

Joined: Wed Dec 24, 2014 11:38 am
Posts: 4
I have two Neo's, both are configured as Smart Card's, with certificates from my internal PKI.

I can use them to log on to my Windows 7/8.1 desktops/laptops, just fine.

I can log on to a Windows Server 2008 R2 physical server, I just need to allow it to self install the drivers first.

If I try to use RDP to connect from the Windows 8.1 machine to the Windows 7 machine, I can log on fine.

However, if I try to log onto the same Windows 2008 R2 server hardware (as above) via RDP, the Smart Card is not recognized, so cannot be used to log on.

It seems like any server that I try to use the smart card on (via RDP), the pre-authentication works, getting me to the "Legal Warning" dialog box. Once that is "OK'ed", the standard log on dialog is presented, without the ability to use a smart card.

Note that the RDP client is configured to pass through the smart card device. I have tested against Server 2008 R2, Server 2012 (R2 and Non-R2).

Before I go digging too far down the rabbit hole, am I missing something blindly obvious?

TIA!


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Thu Feb 05, 2015 9:09 am 
Offline
Site Admin
Site Admin

Joined: Mon Dec 08, 2014 2:52 pm
Posts: 314
I can confirm it works fine on 2012 R1 R2

Is it PIV supported in 2008 R2, don't you need drivers?


Top
 Profile  
Reply with quote  
PostPosted: Thu Feb 19, 2015 1:20 pm 
Offline

Joined: Wed Dec 24, 2014 11:38 am
Posts: 4
I was missing something blindingly obvious!

Just had to make a few GPO changes related to RDP, I noticed that Smart Card redirection was actively disabled (Do not allow smart card device redirection) - god knows why this was ever set!

Anyway, now that this has been un-configured, smart card logon to my servers works fine!


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 10 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group