|
Posted by Craigster on September 1, 2005, 4:24 pm
Please log in for more thread options
Hi,
I have deployed smart cards from our internal Cert Server and all is working
well except the following:
Situation 1: User is logged into PC with smart card. User opens IE which is
proxied to ISA 2004 and user is in "Internet Enabled" group. User account
does NOT have Smart Card Required for interactive logon checked in AD Users
and COmputers, meaning at this point Smart Card is optional. IE works fine
and AUTO authenticates user to ISA and user gets internet pages.
Situation 2: To fully deploy the Smart cards, I check the box to "Require
Smart Card for Interactive Logon" in AD U&C which requires user to login
with Smart Card only. Everything works as normal, except when opening IE,
now ISA keeps asking for authentication with pop up, but will not accept
users name and password I'm guessing because one of the things that happens
when switching is AD scrambles the password of the user.
What config changes need to be done at the ISA server that it is not
recognising the users logon with the smart card?
Thanks,
Craig
| 
XML Sitemap