question

Fred4230 avatar image
0 Votes"
Fred4230 asked JasonFertig-0847 commented

Smartcard PIN Cache - is it configurable?

I am trying to reduce the number of times Windows Security prompts the user for their smart card PIN but not sure where to look, is it from the vendor, is it a GPO or is it based on the type of crypto provider chosen for the user's smartcard?

My simple scenario is user is logs on to their Win 10 client using their smartcard + PIN, they launch a browser to an ADFS aware client, the user is asked to choose their certificate and is prompted for a PIN. Now is it possible for this prompt to be removed as they have already authenticated?

I have search but only found high level articles, cannot find any operation docs on managing PIN caching.

Ta

windows-server-infrastructure
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I know I'm about 5 months late responding but, what you're looking for is instructions to configure "Windows Integrated Authentication" for ADFS and clients.

Try this https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-intranet-forms-based-authentication-for-devices-that-do-not-support-wia

and this https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/troubleshooting/ad-fs-tshoot-iwa

0 Votes 0 ·

1 Answer

Fred4230 avatar image
0 Votes"
Fred4230 answered

Come on! No one got a hint.

Is there a better forum for techies to ask questions?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.