none
Remote logon with smart card

    Question

  • I am adding smart card support to an existing remote control application.

    My research has led me to the conclusion that I need to read credentials from the local smart card, transport them to the remote workstation and use them in a credential provider there to  perform an interactive logon. I have been led to believe this by my inability to find another way, however I have not gotten this to work either, so I need to validate the approach.

    Is this the correct approach?

    Wednesday, March 30, 2016 9:55 PM

All replies

  • Hi Dan

     

    What is your exact environment?

    What is the remote control application?

    .

    To enable user logon with smart card on clients, we need deploy a Remote Desktop Services server.

    Here is a link about how to deploy the Standard deployment type of Remote Desktop Service server.

    http://social.technet.microsoft.com/wiki/contents/articles/12180.deploying-the-rds-standard-deployment-type-in-windows-server-2012-for-session-virtualization.aspx

    When setting up Web SSO with RD Gateway in properties of deployment you can configure “Use RD Gateway credentials for remote computers” and under that there is option to select the logon method where you can specify by Smart card Authentication.

    After deploying Remote Desktop Services server, the Key Distribution Center (KDC) certificate must be present on the RDC client computer.

    We could verify it using certutil command. Here is a link about Smart Card and Remote Desktop Services for your reference.

    https://technet.microsoft.com/en-us/library/ff404286%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

    lastly, when try to remote connect, we need make sure the smart card is checked on the local resources tab.

    For remote desktop services issues, we have a specific forum, they may have more suitable solutions for you.

    https://social.technet.microsoft.com/Forums/en-US/home?forum=winserverTS

    .

    Best regards.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.




    Sunday, April 3, 2016 10:37 AM
    Moderator
  • Rick,

    Thanks for the reply.

    The remote control program is LANDESK remote control. It is part of an endpoint management solution called LANDESK Management Suite. It a mature remote control solution written in C and C++. 

    I have unmarked your reply as a proposed answer because I don't see how installing and/or configuring Microsoft RDP services helps me add remote smart card logon to our remote control product. Have I misunderstood what you were proposing?

    Thanks again

    Dan

    Tuesday, April 5, 2016 7:27 PM
  • Hi Dan,

    The LANDESK remote control is a remote control program provide by LANDESK, right?

    .

    This is a 3rd program, we are not quite familiar with it.

    The first link I posted here is about how to deploy the Remote Desktop Service server.

    But, based on your situation, I think we’d better to contact to the LANDESK support for suitable solutions. They are more familiar with their products.

    LANDESK Support

    http://www.landesk.com/support/

    .

    Best regards.


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.


    Friday, April 8, 2016 11:23 AM
    Moderator