Re: More CAC issues [was- [Fed-Talk] PKINIT and Kerberos
Re: More CAC issues [was- [Fed-Talk] PKINIT and Kerberos
- Subject: Re: More CAC issues [was- [Fed-Talk] PKINIT and Kerberos
- From: "Timothy J. Miller" <email@hidden>
- Date: Tue, 15 Nov 2005 14:42:46 -0600
Monahan, Jim (Contractor) wrote:
The ability to login to the network using CAC was removed when we
upgraded (Windows) users from v2 to v3 of the activecard cleint, so we
will have to either install a new version and/or reconfigure the
existing Activecard client on each machine for network login/2 part
authentication, as well as verify the users know their pins (many here
do not),etc....obviously a large undertaking (deployment planning, etc).
Windows smartcard logon (SCL) only needs the ActivCard client for the
CSP interface to the card edge in CAPI. At logon, ActivCard isn't
running, so moving from v2 to v3 doesn't impact SCL at all.
This isn't to say that someone didn't do something *else* at the same
time that disabled SCL.
(FWIW my day job is supporting the AF PKI SPO, so I'm pretty sure about
this part. ;)
-- Tim
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden