Guest TRossi Posted February 12, 2008 Posted February 12, 2008 How do I configure Vista to allow me logon to my home computer using a DoD issued smart card. It is currently used to access my DoD e-mail and for e-signature authorization, and has the ability to logon to DoD owned systems & networks. The card reader and 3rd party software (Activeclient) are both cuurently installed and working properly -- R.L.T.W. Quote
Guest Paul Adare Posted February 12, 2008 Posted February 12, 2008 On Tue, 12 Feb 2008 13:28:01 -0800, TRossi wrote: <span style="color:blue"> > How do I configure Vista to allow me logon to my home computer using a DoD > issued smart card. It is currently used to access my DoD e-mail and for > e-signature authorization, and has the ability to logon to DoD owned systems > & networks. The card reader and 3rd party software (Activeclient) are both > cuurently installed and working properly</span> Unless your computer is joined to the domain/forest from which the card was issued, you can't use the card for logon. Smart card logon to a Windows system requires Kerberos authentication and in a work group environment you don't have Kerberos. -- Paul Adare MVP - Virtual Machines http://www.identit.ca One if by LAN, two if by C. -- Paul Revere, as told by John Karwoski Quote
Guest Allan Posted February 13, 2008 Posted February 13, 2008 "TRossi" <TRossi@discussions.microsoft.com> wrote in message news:B6B050D4-C163-4C67-9F7D-277E36C2686F@microsoft.com...<span style="color:blue"> > How do I configure Vista to allow me logon to my home computer using a DoD > issued smart card. It is currently used to access my DoD e-mail and for > e-signature authorization, and has the ability to logon to DoD owned > systems > & networks. The card reader and 3rd party software (Activeclient) are > both > cuurently installed and working properly > -- > R.L.T.W.</span> Why do you even want to be able to use a government-owned smart card on your personal computer? You need to set up a smart card for your own personal usage and keep the two applications separate for security reasons. I don't think you have thought this through properly. -- Allan Quote
Guest TRossi Posted February 13, 2008 Posted February 13, 2008 Paul, Is this a Vista OS issue? DoD owned laptops running XP which are issued by my HQ are configured to allow smart card login without network / domain connection. The initial smart card login requires netwrok / domain connection, but all usage after does not. And to be honest I have no idea what a Kerberos is. I am not an IT person just an end user with a bit more knowledge than the average joe. -- R.L.T.W. "Paul Adare" wrote: <span style="color:blue"> > On Tue, 12 Feb 2008 13:28:01 -0800, TRossi wrote: > <span style="color:green"> > > How do I configure Vista to allow me logon to my home computer using a DoD > > issued smart card. It is currently used to access my DoD e-mail and for > > e-signature authorization, and has the ability to logon to DoD owned systems > > & networks. The card reader and 3rd party software (Activeclient) are both > > cuurently installed and working properly</span> > > Unless your computer is joined to the domain/forest from which the card was > issued, you can't use the card for logon. Smart card logon to a Windows > system requires Kerberos authentication and in a work group environment you > don't have Kerberos. > > -- > Paul Adare > MVP - Virtual Machines > http://www.identit.ca > One if by LAN, two if by C. -- Paul Revere, as told by John Karwoski > </span> Quote
Guest Paul Adare Posted February 13, 2008 Posted February 13, 2008 On Wed, 13 Feb 2008 09:54:01 -0800, TRossi wrote: <span style="color:blue"> > Is this a Vista OS issue? DoD owned laptops running XP which are issued by > my HQ are configured to allow smart card login without network / domain > connection. The initial smart card login requires netwrok / domain > connection, but all usage after does not.</span> No, this is not a Vista issue. The DoD owned laptops are joined to one of the DoD domains which is why you can logon with the CAC. They need to be connected to the domain for the initial logon at which time logon credentials are cached. Once the credentials are cached, they can logon with no connection. Your home computer is not joined to one of the DoD domains so you'll never be able to use your CAC for logon. -- Paul Adare MVP - Virtual Machines http://www.identit.ca Overflow on /dev/null; please empty the bit bucket. Quote
Guest TRossi Posted February 13, 2008 Posted February 13, 2008 Paul, Thanks, not what I wanted to hear but now I know. -- R.L.T.W. "Paul Adare" wrote: <span style="color:blue"> > On Wed, 13 Feb 2008 09:54:01 -0800, TRossi wrote: > <span style="color:green"> > > Is this a Vista OS issue? DoD owned laptops running XP which are issued by > > my HQ are configured to allow smart card login without network / domain > > connection. The initial smart card login requires netwrok / domain > > connection, but all usage after does not.</span> > > No, this is not a Vista issue. The DoD owned laptops are joined to one of > the DoD domains which is why you can logon with the CAC. They need to be > connected to the domain for the initial logon at which time logon > credentials are cached. Once the credentials are cached, they can logon > with no connection. > Your home computer is not joined to one of the DoD domains so you'll never > be able to use your CAC for logon. > > -- > Paul Adare > MVP - Virtual Machines > http://www.identit.ca > Overflow on /dev/null; please empty the bit bucket. > </span> Quote
Guest Chief Posted March 8, 2008 Posted March 8, 2008 TRossi, Disregard the gentlemens answers below, they obviously do not know your needs for CAC login (AKO Guest Acct Management, LOGSA, HRC, etc. Here is what you need to do: 1. Login to AKO, go to "Quick Links" "CAC Resource Center" 2. Follow the instructions and download Active Client 6.0 or 6.1 (32 bit file) 3. Open the middleware (Active Client), go to the "Tools" tab, "Advanced", "Make Certificates Available to Windows" 4. Register your CAC with AKO (unless you have already done so from a military domain). This will get you going........... Chief Out "TRossi" wrote: <span style="color:blue"> > How do I configure Vista to allow me logon to my home computer using a DoD > issued smart card. It is currently used to access my DoD e-mail and for > e-signature authorization, and has the ability to logon to DoD owned systems > & networks. The card reader and 3rd party software (Activeclient) are both > cuurently installed and working properly > -- > R.L.T.W.</span> Quote
Guest Chief Posted March 8, 2008 Posted March 8, 2008 I forgot to mention if you need a driver for that older model reader for XP or Vista, go to http://www.scbsolutions.com/support.htm "TRossi" wrote: <span style="color:blue"> > How do I configure Vista to allow me logon to my home computer using a DoD > issued smart card. It is currently used to access my DoD e-mail and for > e-signature authorization, and has the ability to logon to DoD owned systems > & networks. The card reader and 3rd party software (Activeclient) are both > cuurently installed and working properly > -- > R.L.T.W.</span> Quote
Guest Gretchen Posted March 8, 2008 Posted March 8, 2008 Citibank virtual numbers Anyone know how to resolve the incompatibility issues with Vista and Citibank credit cards virtual card numbers? Thanks Quote
Guest Bob Posted March 8, 2008 Posted March 8, 2008 Re: Citibank virtual numbers Use the online version instead of the downloaded version. "Gretchen" <minermucker@jeffbb.net> wrote in message news:uBRpyAOgIHA.3780@TK2MSFTNGP06.phx.gbl...<span style="color:blue"> > Anyone know how to resolve the incompatibility issues with Vista and > Citibank credit cards virtual card numbers? > Thanks </span> Quote
Guest Kat Kirby Posted June 3, 2008 Posted June 3, 2008 I have to disagree - this is not a DoD problem. My personal desktop - which is running XP - was not issued by the government and has never been in their possession. However, XP allowed me to set up the reader and drivers and is working with no gliches using my DoD issued smart card. This has to be a Vista problem - I downloaded the drivers for another reader onto my laptop; seems to be working. But not allowing the website to see my certificate. Vista is telling me that it doesn't have enough information about the issuer. Sounds like a security setting....???? "Paul Adare" wrote: <span style="color:blue"> > On Wed, 13 Feb 2008 09:54:01 -0800, TRossi wrote: > <span style="color:green"> > > Is this a Vista OS issue? DoD owned laptops running XP which are issued by > > my HQ are configured to allow smart card login without network / domain > > connection. The initial smart card login requires netwrok / domain > > connection, but all usage after does not.</span> > > No, this is not a Vista issue. The DoD owned laptops are joined to one of > the DoD domains which is why you can logon with the CAC. They need to be > connected to the domain for the initial logon at which time logon > credentials are cached. Once the credentials are cached, they can logon > with no connection. > Your home computer is not joined to one of the DoD domains so you'll never > be able to use your CAC for logon. > > -- > Paul Adare > MVP - Virtual Machines > http://www.identit.ca > Overflow on /dev/null; please empty the bit bucket. > </span> Quote
Guest Paul Adare Posted June 4, 2008 Posted June 4, 2008 On Tue, 3 Jun 2008 16:11:01 -0700, Kat Kirby wrote: <span style="color:blue"> > I have to disagree - this is not a DoD problem. My personal desktop - which > is running XP - was not issued by the government and has never been in their > possession. However, XP allowed me to set up the reader and drivers and is > working with no gliches using my DoD issued smart card. This has to be a > Vista problem - I downloaded the drivers for another reader onto my laptop; > seems to be working. But not allowing the website to see my certificate. > Vista is telling me that it doesn't have enough information about the issuer. > Sounds like a security setting....????</span> You're comparing apples to oranges here. The original post was asking about using the CAC card to logon with, not simply to access a web site. <span style="color:blue"> > > "Paul Adare" wrote: > <span style="color:green"> >> On Wed, 13 Feb 2008 09:54:01 -0800, TRossi wrote: >> <span style="color:darkred"> >>> Is this a Vista OS issue? DoD owned laptops running XP which are issued by >>> my HQ are configured to allow smart card login without network / domain >>> connection. The initial smart card login requires netwrok / domain >>> connection, but all usage after does not.</span> >> >> No, this is not a Vista issue. The DoD owned laptops are joined to one of >> the DoD domains which is why you can logon with the CAC. They need to be >> connected to the domain for the initial logon at which time logon >> credentials are cached. Once the credentials are cached, they can logon >> with no connection. >> Your home computer is not joined to one of the DoD domains so you'll never >> be able to use your CAC for logon. >> >> -- >> Paul Adare >> MVP - Virtual Machines >> http://www.identit.ca >> Overflow on /dev/null; please empty the bit bucket. >></span></span> -- Paul Adare http://www.identit.ca Overflow on /dev/null; please empty the bit bucket. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.