Windows 10: We are implementing on W2K10\11 machines MFA using interactive smart card card logons and...

Discus and support We are implementing on W2K10\11 machines MFA using interactive smart card card logons and... in Windows Hello & Lockscreen to solve the problem; We are implementing on W2K10\11 machines MFA using interactive smart card card logons and enabling hello so when the user pulls the card it locks. The... Discussion in 'Windows Hello & Lockscreen' started by Mike Berenato, Sep 22, 2023.

  1. MIKE BERENATO
    Mike Berenato Win User

    We are implementing on W2K10\11 machines MFA using interactive smart card card logons and...


    We are implementing on W2K10\11 machines MFA using interactive smart card card logons and enabling hello so when the user pulls the card it locks. The system works fine no issues for the most part. My question is im the admin and we have remote users. Is there any way to get admin privilege's via any remote tool. We use teamviewer which works fine full install when i connect and do admin stuff say cmd w admin priv... it pops up a window and says the user needs to add in credentials. On the remote pc it has the u\n & p\w screen. Obviously they dont have the rights. Any help would be g

    :)
     
    Mike Berenato, Sep 22, 2023
    #1
  2. CAPTAIN FUTURE
    Captain Future Win User

    Smart card is required for interactive logon and windows mobile

    No.... I am not developing an application...

    It is a general question about connecting windows mobile clients remotely (over a secure reverse proxy etc.), when the domain feature (Smartcard is required for interactive logon) on a user base is active...

    What do you do then?

    It is not possible to insert a separate smart card into the mobile which contains the certificates used for the domain authentication? Or is it?

    Thanks for an answer
     
    Captain Future, Sep 22, 2023
    #2
  3. TYLER789
    Tyler789 Win User
    Group Policy Interactive Logon smart card enforced with admin username and password enabled?

    Hello,

    I have a gpo setup to enforce interactive logon: smart card authentication on some of the computers in my domain. That works as it should. Group policy is applied to my group of computers and users are forced to insert their card and logon with their pin.
    No problem there.

    Here is my question: It possible to leave that intact but allow a subset of admin accounts to be used normally (username/password) on those computers? Essentially I want to enforce smart cards but allow our admins to still elevate privileges normally without
    having to create them admin smart cards.

    Thank you.
     
    Tyler789, Sep 22, 2023
    #3
  4. Зайнетдинов Эльгис Тахирович
    Зайнетдинов Эльгис Тахирович Win User

    We are implementing on W2K10\11 machines MFA using interactive smart card card logons and...

    Require Windows Hello or smart card

    Hello

    When I enabled security policy Interactive logon: Require Windows Hello or smart card with enabled service "Windows Hello" and configured Domain Logon with bio (fingerprint), I can't logon with Hello, only smart-card.

    What did I do wrong?

    Used Windows 10 1703 (15063.447)
     
    Зайнетдинов Эльгис Тахирович, Sep 22, 2023
    #4
Thema:

We are implementing on W2K10\11 machines MFA using interactive smart card card logons and...

Loading...

  1. We are implementing on W2K10\11 machines MFA using interactive smart card card logons and... - Similar Threads - are implementing W2K1011

  2. Smart card logon on windows says "Signing with a smart card isn't supported for your...

    in Windows Hello & Lockscreen
    Smart card logon on windows says "Signing with a smart card isn't supported for your...: Have configured an ECDSA_P256 smart card logon certificate template on windows server 2019 DC and issued it to get enrolled on client PC.the certificate template gets enrolled well on the smart card token via mmc.exe 0 -> Add / Remove Snap-in -> Certificates -> add -> ok.in...

  3. Smart card logon on windows says "Signing with a smart card isn't supported for your...

    in Windows 10 Gaming
    Smart card logon on windows says "Signing with a smart card isn't supported for your...: Have configured an ECDSA_P256 smart card logon certificate template on windows server 2019 DC and issued it to get enrolled on client PC.the certificate template gets enrolled well on the smart card token via mmc.exe 0 -> Add / Remove Snap-in -> Certificates -> add -> ok.in...

  4. Smart card logon on windows says "Signing with a smart card isn't supported for your...

    in Windows 10 Software and Apps
    Smart card logon on windows says "Signing with a smart card isn't supported for your...: Have configured an ECDSA_P256 smart card logon certificate template on windows server 2019 DC and issued it to get enrolled on client PC.the certificate template gets enrolled well on the smart card token via mmc.exe 0 -> Add / Remove Snap-in -> Certificates -> add -> ok.in...

  5. We are implementing on W2K10\11 machines MFA using interactive smart card card logons and...

    in Windows 10 Gaming
    We are implementing on W2K10\11 machines MFA using interactive smart card card logons and...: We are implementing on W2K10\11 machines MFA using interactive smart card card logons and enabling hello so when the user pulls the card it locks. The system works fine no issues for the most part. My question is im the admin and we have remote users. Is there any way to get...

  6. We are implementing on W2K10\11 machines MFA using interactive smart card card logons and...

    in Windows 10 Software and Apps
    We are implementing on W2K10\11 machines MFA using interactive smart card card logons and...: We are implementing on W2K10\11 machines MFA using interactive smart card card logons and enabling hello so when the user pulls the card it locks. The system works fine no issues for the most part. My question is im the admin and we have remote users. Is there any way to get...

  7. Certificate/PKI/Smart Card Logon

    in Windows 10 Gaming
    Certificate/PKI/Smart Card Logon: Hello,I am having an issue with authenticating users in an air gapped network after a patch. Any users prior created in AD prior to May 2022, can still authenticate with the server. However, if I create a new test account and attach my X.509 to altSecurityID attribute, I get...

  8. Certificate/PKI/Smart Card Logon

    in Windows 10 Software and Apps
    Certificate/PKI/Smart Card Logon: Hello,I am having an issue with authenticating users in an air gapped network after a patch. Any users prior created in AD prior to May 2022, can still authenticate with the server. However, if I create a new test account and attach my X.509 to altSecurityID attribute, I get...

  9. Smart Card Authentication and Cached Logons

    in AntiVirus, Firewalls and System Security
    Smart Card Authentication and Cached Logons: Hello,Scenario:Windows 10 laptops are PIV Enforced Smart cards are required to log on to the OSUser has been remote for over a year COVIDVPN is split tunnelMany users are overseas with low bandwidth connectionMost work can be done without direct access to on-prem resources,...

  10. Problems with authentication on domain using smart card logon

    in Windows 10 Installation and Upgrade
    Problems with authentication on domain using smart card logon: Dear MS Support, we're using Smart Card logon as second method of our users to sign into domain based PCs. After latest Servicing Stack update KB4586863 and Cumulative update KB4586786, logon with smart card stopped working with this message: "This smart card could not be...