Using Smartcard authentication is a case of selecting it from the authentication options. Are you actually looking for assistance in creating the whole PKI environment that you need to have in place?
Keith Alabaster - MVP/Forum Moderator
Thank you for the answer.
No, we have Active Directory with Enterprise CA. The UAG is joined to the AD. I can't find where the smart card authentication options are in the UAG. I created an HTTPS trunk. I set everything up, but I can't find the smart card authentication. If I open the default UAG portal (test.com), I can use only the username and password authentication.
The article provided by Ran is very useful. I have used it a lot, and it has always made my authentication by certificates successful.
Take care with the "match" between one (or more) fields from the certificates against your LDAP server.
In some cases, you have to modify the repositorytype.xml in order to add another attribute for the login in your LDAP field (like CN, ...). This value has to be <LoginNameAttr>
The best way to troubleshoot this scenario is to first use Netmon on UAG. With Netmon, you will be able to capture the LDAP query.
Then, open ldp.exe and reproduce the LDAP query. If you have 0 or 2 (or more) results, the authentication will fail. You will have to refine your query (by looking for the right LDAP attributes).
Hope I'm clear.
GIRAUD Alexandre - MVP Forefront France http://www.alexgiraud.net/blog
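
The ldp.exe check described in the reply above (exactly one LDAP result, otherwise authentication fails) can also be scripted in PowerShell. This is an added example, not part of the thread or of UAG: the function names, the default attribute and the sample value are assumptions, and the filter UAG really sends should be copied from the Netmon capture. It assumes a domain-joined machine.

```powershell
# Added example. Function names, default attribute and sample value are assumptions.

function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory)][string]$Value)
    # RFC 4515 escaping so a certificate field containing *, ( or ) cannot
    # change the meaning of the filter. The backslash is escaped first.
    $escaped = $Value.Replace('\', '\5c')
    foreach ($c in '*', '(', ')', [string][char]0) {
        $escaped = $escaped.Replace($c, ('\{0:x2}' -f [int][char]$c))
    }
    $escaped
}

function Test-CertLdapMatch {
    param(
        [Parameter(Mandatory)][string]$Value,      # field value read from the certificate
        [string]$Attribute = 'userPrincipalName',  # assumed; use the attribute seen in the capture
        [string]$SearchRoot                        # optional, e.g. 'LDAP://DC=example,DC=test'
    )
    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    if ($SearchRoot) { $searcher.SearchRoot = [ADSI]$SearchRoot }
    $searcher.Filter = '({0}={1})' -f $Attribute, (ConvertTo-LdapFilterValue $Value)
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')

    $found = $searcher.FindAll()
    try {
        $dns = @($found | ForEach-Object { $_.Properties['distinguishedname'][0] })
    } finally {
        $found.Dispose()   # SearchResultCollection holds unmanaged resources
    }

    # Exactly one entry must match; 0 or 2+ results mean the lookup cannot succeed.
    $verdict = switch ($dns.Count) {
        0       { 'NoMatch: no entry carries this value in this attribute' }
        1       { 'Unique: the certificate maps to one account' }
        default { 'Ambiguous: several entries match, refine the attribute' }
    }
    [pscustomobject]@{
        Filter  = $searcher.Filter
        Count   = $dns.Count
        Verdict = $verdict
        Entries = $dns
    }
}

# Constructed sample value, not taken from the thread:
# Test-CertLdapMatch -Value 'jdoe@example.test' -Attribute 'userPrincipalName'
```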