I think that has to be enabled at the AD
end.
-----Original Message-----
From:
fed-talk-bounces+david.c.sanderson=email@hidden
[mailto:fed-talk-bounces+david.c.sanderson=email@hidden] On Behalf Of Monahan, Jim (Contractor)
Sent: Tuesday, November 15, 2005
4:15 PM
To: email@hidden
Subject: RE: More CAC issues [was-
[Fed-Talk] PKINIT and Kerberos
Ok...I understand what you are saying, so let me
clarify my thinking....
Prior to moving to AD, we used v2 of the
activecard client, which provided the ability to program the users ID,
password, and domain on the card. We did so; when they inserted the
card at the login screen, windows asked for the pin, then read the
UID/pw/domain from the cac card.
When we converted to AD, we removed v2 and installed
v3 of the activecard software.
Activecard 3 does not have the
option to configure uid/pw/domain.
or as you stated, that function may
have been disabled or removed by 'others'
Lacking that configuration option, I made the logical
leap that in order to be able to login via CAC, another version of activecard
will be needed, and that we will have to touch every machine to configure the
users cards, etc
Jim Monahan
Network Systems Engineer
RSI, Inc, A CIBER Company
Army Training Support Center
-----Original Message-----
From: Timothy J. Miller [mailto:email@hidden]
Sent: Tuesday, November 15, 2005
3:43 PM
To: Monahan, Jim (Contractor)
Cc: email@hidden
Subject: Re: More CAC issues [was-
[Fed-Talk] PKINIT and Kerberos