Announcement

Collapse
No announcement yet.

How Force Logon to a computer using a Token USB or Smartcard

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How Force Logon to a computer using a Token USB or Smartcard

    Hi,

    Is it possible to force all users wanting to connect to a computer to use ONLY a Token USB or a SmartCard ?

    Does a Gpo exists for Windows 2000, XP or 2003?

    Thanks in advance,
    Eric

  • #2
    don't know what you want to do..
    maybe its my english but please explain...
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Instead of using a password at logon, users must insert a USB device or Smart card which will serve as the form of user authentication.
      Andrew

      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

      Comment


      • #4
        I found the response, but not the way to do..
        You need to implement the MS PKI integrated with Active Directory. Issue user certs and have them downloaded to a smartcard, ensuring a PIN is also enabled for two factor authentication.
        You can then via GPO disable the interactive component of the users account so the only method to logon is with the smartcard, of which there is only one card issued.
        When the user removes the smartcard you force the workstation to either lock or logoff.

        But i don't arrive to find where are the differents GPOs to apply.
        Your help is welcome.

        Eric

        Comment

        Working...
        X