Re: Disabled Smartcard logon?

Sektor
Date: 01/12/05 

Date: Wed, 12 Jan 2005 09:33:19 +0100

If I not mistaken the Smartcard Logon is enabled only if your PC is in a
domain.
So if your machine is not joined to a domain no options will be displayed.

Hope that's help.
Sektor

"Mats Pettersson" <MatsPettersson@discussions.microsoft.com> wrote in
message news:5D38E15E-80E9-4EF9-A45E-3494826234BD@microsoft.com...
> Yes, the vendor supplies such service and I'm already using it in my calls
> from the csp. The problem I'm having is that the service/app somehow
> prevents
> the Smartcard Logon GINA option from being displayed. The system does not
> react to a smartcard insertion, which makes it impossible for me to test
> my
> csp for winlogon.
>
> - Is there another way to stop Windows from displaying the "Put in a
> smartcard" message during logon? For example a registry setting?
>
> - Any idea how I can enable it again?
>
> Thanks
> /Mats
>
>
> "lelteto" wrote:
>
>> Well, EXCLUSIVE mode is exclusive mode, ie. once you opened the read with
>> exclusive mode others cannot connect. That is how it should be anyway.
>> When
>> this is the case and you want to use the card from more than one app /
>> service you need to create a dedicated SERVICE which mediates access to
>> the
>> card. Applications (including GINA) should connect to the service, not
>> directly to the reader.
>> Ask the vendor if they have such service which you can use from your CSP
>> code.
>>
>> Laszlo Elteto
>> SafeNet, Inc.
>>
>> "Mats Pettersson" wrote:
>>
>> > Hi,
>> > I'm writing a CSP to be used for Smartcard Logon in Windows XP. I also
>> > have
>> > an other application and service that connects to my smartcard reader
>> > with
>> > SCardConnect with the option EXCLUSIVE MODE. All my calls to the
>> > smartcard
>> > goes throw this application.
>> >
>> > The problem I'm having is that the GINA does not react when a smartcard
>> > reader is present, ones my security services sets the reader in
>> > exclusive
>> > mode. Hence the option press "Ctrl - Alt - delete" or "put in a Smart
>> > card"
>> > is not shown just the default "Ctrl-Alt-Delete". This makes it
>> > impossible for
>> > me to use SmartCard Login.
>> >
>> > I have written a test code and the low level calls
>> > SCardEstablishContext,
>> > SCardListReaders, SCardGetStatusChange works. I installed a pt-GINA and
>> > made
>> > the listed calls from there and they all worked (after the application
>> > started).
>> >
>> > But I still encounter the same problem that only the default message is
>> > displayed. Or to be more precise the "Put in a smart card" message is
>> > shown
>> > for about a second then the security service starts and only the
>> > default
>> > message is displayed.
>> >
>> > I have been in contact with the vendor and according to them the only
>> > thing
>> > they do is connecting to the smartcard in EXCLUSIVE MODE. I have also
>> > removed
>> > there application/service and then every thing worked fine. I'm
>> > therefore
>> > sure that it is causing the problem.
>> >
>> > - Is there another way to stop Windows from displaying the "Put
>> > in a
>> > smartcard" message during logon? For example a registry
>> > setting?
>> >
>> > - Is there a way to activate this functionality again?
>> >
>> > Thanks
>> > /Mats
>> >
>> > "Eric Perlin [MS]" wrote:
>> >
>> > > Winlogon has to make a few low level smartcard calls before the CSP
>> > > can be
>> > > invoked: SCardEstablishContext, SCardListReaders,
>> > > SCardGetStatusChange,
>> > > SCardListCards and SCardGetCardTypeProviderName.
>> > > The fact that the default message is still displayed indicates that
>> > > one of
>> > > the first 2 calls fails!
>> > > How is the other application connecting to the reader/card?
>> > > --
>> > > Eric Perlin [MS]
>> > > This posting is provided "AS IS" with no warranties, and confers no
>> > > rights.
>> > > ---
>> >
>> >

Relevant Pages

  • Re: Windows logon through smart card.
    ... On Feb 6, 11:25 pm, Eric Perlin [MSFT] ... You need a CSP. ... It's not considered a smartcard logon. ... Now there is a much simpler option using a Microsoft Base Smart Card ...
    (microsoft.public.platformsdk.security)
  • Re: Windows logon through smart card.
    ... PKCS applications use PKCS libs. ... You need a CSP. ... It's not considered a smartcard logon. ... Now there is a much simpler option using a Microsoft Base Smart Card ...
    (microsoft.public.platformsdk.security)