Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


In order to use smartcard for windows logon, first you need to make sure that Active Directory Certificates Services is installed in Active Directory.Step 1: Configure Certificate Authority Templates, and then configure certificate authority templates. 

  • Lanuch Certificate Authority
  • Right click "Certificate Templates" -> "New" -> "Certificate Template to Issue"
    Image Removed
    Image Added

  • Select "Enrollement AgentSmartcard User", press "OK"
    Image Removed
  • Repeat the same process for "Enrollement Agent (Computer) " and "Smartcard User"

  • Image Added

  • You should see three the newly created certificate templates template in the template list
    Image Removed


Step 2: Enroll the Enrollement Agent Certificate

  • launch Microsoft Management Console (mmc)
  • Click "File"->"Add/Remove Snap-in..."->"Certificates"->"Add"->"My user account"->"Finish"->"OK"
    Image Removed
  • Expand "Certificates - Current User" -> "Personal"
  • Right click "Personal" ->"All Tasks" ->"Request New Certificate..."
    Image Removed
    Click "Next"
    Image Removed
    Select  "Enrollement Agent" and click "Enroll"
    Image Removed
    Now, you can find the newly enrolled certificate
    Image Removedlist

    Image Added