Smart Card not authenticating over RDP

rsammas 171 Reputation points
2021-03-24T19:53:52.583+00:00

Hello,

I administer an all-Mac end-user environment. We are working towards building a Windows terminal server so some of our admins can access some IE-only sites on our intranet rather than have individual VMs.

I have a test VM with root certificates installed that I am RDPing into. When I use the VMware USB forwarding function, I can authenticate without issues. When I try over RDP, I get the following message:

The smart card cannot perform the requested operation or the operation requires a different smart card.


I am never prompted for my PIN either. I have also ensured the "Smart cards" box is checked for this RDP connection.


The system clearly sees the reader and the card, but there must be some sort of communication error, as the commands sent to the card do work.

Any suggestions would be greatly appreciated :)


Accepted answer
  1. rsammas 171 Reputation points
    2021-03-30T23:38:57.663+00:00

    Following up, here. I figured out the solution was corruption of my fresh Windows VM. The following solution resolved my issue:

    https://answers.microsoft.com/en-us/windows/forum/all/problem-with-bits-service-the-requested-service/e2dee3af-9cb3-4c86-b7ff-719062543350?tm=1589910102970

    To make things more complicated, it broke on my next try at authenticating. Through more troubleshooting, I discovered that IE 11 was breaking this functionality. The site I'm authenticating against must not have good IE 11 functionality. After trying the fix again, and using Edge instead of IE, I was able to authenticate several times without it breaking.

    Thank you, @Carl Fan for your initial reply!


1 additional answer

  1. Carl Fan 6,756 Reputation points Microsoft Employee
    2021-03-25T07:06:56.947+00:00

    Hi,
    According to your description, if your smart card login works normally when you are physically at a workstation, but you receive the error when using a smart card over RDP, I consider that the Smart Card driver is loaded on the local system but not on the destination you are connecting to.
    Please start the Certificate Propagation service and check. Please follow these steps.
    a. Press Windows + X keys and click Command Prompt (Admin).
    b. In command prompt, type the following command and press Enter.
    net start certpropsvc
    Then try to reinstall the original driver to check.
    Hope this helps and please help to accept as Answer if the response is useful.
    Best Regards,
    Carl
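
The service check from the steps above, written for PowerShell as an added example that is not part of the original answer. It assumes an elevated PowerShell session inside the RDP session on the destination host, and it also checks the Smart Card service (`SCardSvr`), which the answer does not mention.

```powershell
# Run elevated, inside the RDP session on the destination host (the machine you connect TO).
# CertPropSvc = Certificate Propagation service (named in the answer above).
# SCardSvr    = Smart Card service (assumption: checked here as well, not named in the thread).
$services = 'CertPropSvc', 'SCardSvr'

foreach ($name in $services) {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if (-not $svc) {
        Write-Warning "$name is not installed on this system."
        continue
    }

    # A disabled service cannot be started; report it instead of changing it silently.
    if ($svc.StartType -eq 'Disabled') {
        Write-Warning "$name is disabled; set it to Manual or Automatic before starting it."
        continue
    }

    if ($svc.Status -ne 'Running') {
        Write-Host "Starting $name (was $($svc.Status))..."
        Start-Service -Name $name
    }

    # Show the resulting state so it can be recorded with the troubleshooting notes.
    Get-Service -Name $name | Select-Object Name, DisplayName, Status, StartType
}

# List the readers, cards and certificates visible from this session.
# certutil may prompt for the card PIN while it tests each certificate.
certutil -scinfo
```

If `certutil -scinfo` lists no reader here while the card works on the local client, the redirected reader is not reaching the session, and the next place to look is the RDP client's smart card setting rather than the services.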