AVD- smart card authentication

Question

Hello,

as we know, we can log into any website from AVD session-host using Smart-card (CAC or PIV) inserted into my physical laptop from where I have opened the session-host ??
This website has nothing to do with Azure-AD
There is NO ADFS
It is standard Azure-AD-Joined AVD with multiple personal VMs in it.
I am getting into this session-host from latest thick AVD-client installed on Windows 10

Which smart-card driver is needed on the physical laptop for DOD-CAC card authentication ?
And what RPD settings is needed on the session-host for the redirection.

Thanks.

Answer 1

Thanks @KarishmaTiwari-MSFT for your help !!

Yes, gemalto DLGX4 looks familiar to me.
I agree, I have to do redirectsmartcards:i:1 on host-pool RDP-properties.

Do I have to install any thing in the session-host other then setting above property ?
I do not think so but wanted to confirm .

Thanks.

Answer 2

Issue Description: Which smart-card driver is needed on the physical laptop for DOD-CAC card AVD authentication ?

Recommendation: To achieve this, you would need the smart card driver from the actual card used by DoD entities. These are not uniform and may require multiple drivers. DoD uses gemalto DLGX4 in most cases, but there are others out there. You would also need to enable Smart card redirection through the RDP settings redirectsmartcards:i:1

Let me know if you have further questions. Thanks.