Re: Problem accessing smart card reader via Remote Desktop
anonymous_at_discussions.microsoft.com
Date: 09/09/04
- Next message: Craig: "Private Keys of Expired Certs"
- Previous message: Jerry Bryant [MSFT]: "Chat with Mike Nash - VP of Microsoft's Security Business Unit"
- In reply to: Jim Miller: "Re: Problem accessing smart card reader via Remote Desktop"
- Next in thread: Eric Perlin [MS]: "Re: Problem accessing smart card reader via Remote Desktop"
- Reply: Eric Perlin [MS]: "Re: Problem accessing smart card reader via Remote Desktop"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 8 Sep 2004 15:56:31 -0700
Well, I did some more testing and found out I was wrong.
The problem does not have anything to do with
whether 'terminal services for users' is enable or not on
the 2003 server. The problem is a result of what client
computer you're using to connect to the 2003 server.
If you make the remote desktop connection from a Windows
2000 box, then apps running within the remote desktop
session can't use the smart card or reader back at the
client because SCardEstablishContext returns the
error 'The Smart card resource manager is not running'.
However, if you make the remote desktop connection from an
Windows XP box everything works as expected.
SCardEstablishContext retuns success and apps running
within the remote desktop session can access the smart
card and reader back at the XP box.
Jim Miller
>-----Original Message-----
>[since this topic is almost a couple of weeks old I
>thought I post my reply as a new topic so it doesn't get
>overlooked]
>
>I've seen some unfortunate behavior when testing smart
>cards used within remote desktop connections to 2003
>servers. If the 2003 server has 'terminal services for
>users' enabled then the built-in PC/SC redirection works
>ok, but if only 'remote administration' is enabled (which
>is the default), then apps in the remote admin session
>(i.e. session id > 0) get the error 'The Smart card
>resource manager is not running' when they call
>SCardEstablishContext. Don't know why because it shows
up
>in the Services tool and session 0 apps are able to
>successfully call SCardEstablishContext.
>
>I suspect the smart card resource manager doesn't support
>multiple sessions unless 'terminal services for users' is
>enabled. This would be unfortunate if true for it would
>prevent remote administrators from authenticating to the
>2003 server with a smart card.
>
>Any word from one of you Microsoft people on whether the
>above suspicion is true?
>
>Jim Miller
>
>
>>-----Original Message-----
>>We have a computer with a smart card reader for belgian
>id card connected,
>>which contains a test id card.
>>
>>I can only develop for this card when sitting native on
>that machine. If I
>>do a remote desktop connection to that machine, and
start
>the belgian id
>>tool, I get the error message "Problem getting the
reader
>and card names".
>>
>>Unfortunatly I must be able to do that remotely.
>>
>>Any ideas?
>>
>>Thanks.
>>.
>>
>..
>
>
>.
>
- Next message: Craig: "Private Keys of Expired Certs"
- Previous message: Jerry Bryant [MSFT]: "Chat with Mike Nash - VP of Microsoft's Security Business Unit"
- In reply to: Jim Miller: "Re: Problem accessing smart card reader via Remote Desktop"
- Next in thread: Eric Perlin [MS]: "Re: Problem accessing smart card reader via Remote Desktop"
- Reply: Eric Perlin [MS]: "Re: Problem accessing smart card reader via Remote Desktop"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
