locked
Compatible Smart Cards RRS feed

  • Question

  • Hello everyone,

    Hopefully you can help me out with the following.
    I have windows 7 clients and a windows server 2012 r2 server running PKI.

    I recently ordered an omni card reader 3121.
    I als bought several smart cards like the CHIP SLE 4428 and the CHIP SLE5542.
    Neither of them are supported in Windows.

    Case:
    I installed the smartcard reader with the corresponding drivers and I can see that it has been installed succesfully in device manager. However when I enter a smartcard in the card reader it sees the card as a new hardware and want to install drivers for it. However, it can't find any driver on windows update and the supplier of the card doesn't know anything about drivers.

    Does anyone of you know which smartcard is supported with Windows 7 & 8 and has at least a chip for a 2KB cert.

    Goal:
    I would like to achieve smartcard logons so users in my domain can logon with a smart card but I just can't seem to find a smartcard to enter in my card reader in which Windows has a native driver.

    I would really appreciate all the help in this as this is driving me crazy for weeks now.

    Many thanks in advance.


    Andre

    Thursday, April 30, 2015 4:47 PM

Answers

  • I would look to a product that relies on the Microsoft Smart Card minidriver model - such as the Gemalto IDPrime type Smartcard http://www.gemalto.com/identity/authentication-products#IDPrime.


    Mark B. Cooper, President and Founder of PKI Solutions Inc., former Microsoft Senior Engineer and subject matter expert for Microsoft Active Directory Certificate Services (ADCS). Known as “The PKI Guy” at Microsoft for 10 years. Connect with Mark at http://www.pkisolutions.com

    • Marked as answer by dre2008 Sunday, May 3, 2015 10:37 AM
    Thursday, April 30, 2015 6:20 PM
  • To add to Mark's answer, any smart card based on the smart card Base CSP should work out of the box, as the mini-driver must be downloadable to be certified.

    That being said, it all depends on the standards you wish to follow. If things like FIPS 201 or PIV-C are being tossed around your organization, then you need different smart cards (Java based).

    This means that smart cards are just part of the purchase. You also need to purchase middleware and the associated CSP/KSP for the smart cards

    Brian

    • Marked as answer by Amy Wang_ Monday, June 15, 2015 6:03 AM
    Friday, May 1, 2015 11:43 PM

All replies

  • I would look to a product that relies on the Microsoft Smart Card minidriver model - such as the Gemalto IDPrime type Smartcard http://www.gemalto.com/identity/authentication-products#IDPrime.


    Mark B. Cooper, President and Founder of PKI Solutions Inc., former Microsoft Senior Engineer and subject matter expert for Microsoft Active Directory Certificate Services (ADCS). Known as “The PKI Guy” at Microsoft for 10 years. Connect with Mark at http://www.pkisolutions.com

    • Marked as answer by dre2008 Sunday, May 3, 2015 10:37 AM
    Thursday, April 30, 2015 6:20 PM
  • To add to Mark's answer, any smart card based on the smart card Base CSP should work out of the box, as the mini-driver must be downloadable to be certified.

    That being said, it all depends on the standards you wish to follow. If things like FIPS 201 or PIV-C are being tossed around your organization, then you need different smart cards (Java based).

    This means that smart cards are just part of the purchase. You also need to purchase middleware and the associated CSP/KSP for the smart cards

    Brian

    • Marked as answer by Amy Wang_ Monday, June 15, 2015 6:03 AM
    Friday, May 1, 2015 11:43 PM
  • Hey Mark, 

    Thanks, I ordered them yesterday and will let you know if this is the correct card which suites my needs. 

    Brian,
    Thanks for the additional information, I didn't know that CSP should work OOB as it is only certified if the driver is downloadable. Thanks. However, I don't know anything about standards of PKI like FIPS201 or PIV-C. Do you have some read up on it? Thanks


    Andre

    Saturday, May 2, 2015 9:30 AM
  • Hi Mark,

    you are right, the card works on windows 7 but needs the driver downloaded on win2k12 and windows 8, no problem.

    Do you perhaps know how to reset a smartcards pin?

    For example I just enrolled a certificate on behalve of a user on my smartcard but now I would like to reset the pin in the case the user forgots it. How do I do this?


    Andre

    Sunday, May 3, 2015 10:38 AM