Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In order to use smartcard for windows logon, first you need to make sure that Active Directory Certificates Services is installed in Active Directory, and then configure certificate authority templates.

Step 1: Configure Certificate Authority Templates

 

  • Lanuch Certificate Authority
  • Right click "Certificate Templates" -> "New" -> "Certificate Template to Issue"
    Image Removed
    Image Added

  • Select "Enrollement AgentSmartcard User", press "OK"
    Image Removed
  • Repeat the same process for "Enrollement Agent (Computer) " and "Smartcard User"

  • Image Added

  • launch Microsoft Management Console (mmc)
  • Click "File"->"Add/Remove Snap-in..."->"Certificates"->"Add"->"My user account"->"Finish"->"OK"
    Image Removed
  • Expand "Certificates - Current User" -> "Personal"
  • Right click "Personal" ->"All Tasks" ->"Request New Certificate..."
     
    Image Removed
    Click "Next"
    Image Removed
    Select  "Enrollement Agent" and click "Enroll"
    Image Removed
  • Now, you can find the newly enrolled certificate
     
    Image Removed
  • You should see three the newly created certificate templates template in the template list
    Image Removed

 

Step 2: Enroll the Enrollement Agent Certificate


  • Image Added