Test your skills
I am trying to logon to windows server 2003 using smart card logon. Wanted some help how to achieve this
This solution applies to Win Server 2003, Win Server 2003 R2, Win Server 2003 with SP1 and SP2
Step-by-step guide in setting up smart card for user logon:
1. Please log on as the enrollment agent. (This is for the domain where the user account is placed)
2. Launch IE.
3. Type the Certification Authority address that issue the smart card certificates and then hit the enter key.
4. Click Request a certificate and followed by advanced certificate request.
5. Click the Request a certificate for a smart card on behalf of another user using the smart card certificate enrollment station. Click Yes if on the alert Accept the smart card signing certificate.
6. Go to the Smart Card Certificate Enrollment Station website and then do this in the Certificate Template:
7. Click the name of the Certification Authority that you want to give the smart card certificate.
8. Select the CSP or the Cryptographic Service Provider of the smart card's manufacturer.
9. Go to the Administrator Signing Certificate and hit the Enrollment Agent certificate with whom who will sign the enrollment request.
10. Select User in User To Enroll. And then click Enroll.
11. When the system asked, insert the smart card in your computer's smart card reader and then click OK and enter the PIN number for the smart card if needed.
12. If there is a previous installed certificate on your smart card and you have been asked by your computer to replace it, click Yes.
13. When the certificate is already installed on the smart card, CA will ask you to view the certificate you just installed or begin with a new smart card certificate request.
I will advise you to use Vsec:CMS T-series a smart card management system by which you can handle your smart cards easily to operative OS. It’s a paid service but yes quite effective.
Please follow these steps to make it effective.
1. Download it - http://versatilesecurity.com/versatilesecurity-vsec-cms-reg.php,
2. Install the system,
3. Double click on the Vsec:CMS T-series icon to open it,
4. Click on Processes (See image below),
5. Click on “Issue Smart Card” and select the smart card details from the drop down menu,
6. Provide password and click on issue button,
7. Find users, contacts and groups to whom the card is assigned to,
8. Click on ok,
9. Now click on the “Initiate Smart Card” option, 10. Enter operator password and click ok,
11. Provide new user id and confirm it,
12. Click ok,
13. You will be prompted to Windows starting screen with a password to enter through SD Card, enter the password and it’s done.