Smart card logon & remote desktop

[Dimitri]

Dear all,

I have a problem using smart card logon through a remote desktop connection.
I can successfully login using my smart card, but when I remove the card, the
station does not become locked whatever the state of the "smart card
behavior" option (note that it successfully locks the station when I logon on
the computer locally). Removing the card has just no effect.

Then, if I try to lock the station manually, I immediately see the PIN
dialog (without going through the "windows security" dialog), but:
- when I try to enter the PIN, it fails to unlock the station (a generic
error message is shown).
- when I click "cancel", I have to unlock the station maually using
login+password because the GINA is not responsive to smart card events
anymore.

This appears with both a custom CSP of mine and with the ACS (Axalto) CSP.
However, I have a test environment (domain controller + remote station +
remote client) on which it appears all the time (it worked only once, I don't
know why) and another environment where it does not seem to appear.
Unfortunately, my client is facing the same problem in his environment.

I tried to analyse the problem deeper and it seems the logon process does
not receive anymore smart card events simply because it does not manage to
get a valid smart card context. My CSP is called when I try to enter the PIN
to unlock the station and I could see that it does not manage to call
SCardAcquireContext successfully (althrough it manage to do so for logging
on). However, once the station is unlocked, all applications manage to get
and use smart card contexts successfully.

I have seen two KB articles 875506 and 910482 that discuss similar problems
but installing these hotfixes did not solve anything.

Note: this message was previously posted on platformsdk.security with no
answer.

Thanks

 

[Brian Komar]

Send details of the issue to hotline@gemalto.com
They may be able to help you.
I have seen this issue with many legacy CSPs.
Are you using a custom GINA by any chance?
Brian

"Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
news:4749B770-72FA-4FBE-B3DC-B5A66A1600D2@microsoft.com...
> Dear all,
>
> I have a problem using smart card logon through a remote desktop
> connection.
> I can successfully login using my smart card, but when I remove the card,
> the
> station does not become locked whatever the state of the "smart card
> behavior" option (note that it successfully locks the station when I logon
> on
> the computer locally). Removing the card has just no effect.
>
> Then, if I try to lock the station manually, I immediately see the PIN
> dialog (without going through the "windows security" dialog), but:
> - when I try to enter the PIN, it fails to unlock the station (a generic
> error message is shown).
> - when I click "cancel", I have to unlock the station maually using
> login+password because the GINA is not responsive to smart card events
> anymore.
>
> This appears with both a custom CSP of mine and with the ACS (Axalto) CSP.
> However, I have a test environment (domain controller + remote station +
> remote client) on which it appears all the time (it worked only once, I
> don't
> know why) and another environment where it does not seem to appear.
> Unfortunately, my client is facing the same problem in his environment.
>
> I tried to analyse the problem deeper and it seems the logon process does
> not receive anymore smart card events simply because it does not manage to
> get a valid smart card context. My CSP is called when I try to enter the
> PIN
> to unlock the station and I could see that it does not manage to call
> SCardAcquireContext successfully (althrough it manage to do so for logging
> on). However, once the station is unlocked, all applications manage to get
> and use smart card contexts successfully.
>
> I have seen two KB articles 875506 and 910482 that discuss similar
> problems
> but installing these hotfixes did not solve anything.
>
> Note: this message was previously posted on platformsdk.security with no
> answer.
>
> Thanks
>

 

[Dimitri]

Thanks Brian,

However, I can't really ask gemalto for some help. I'm a [very very small]
competitor, not a customer.
I use the standard windows GINA, not a custom one. I guess that developing a
specific GINA would certainly solve the problem. But - as far as I could
investigate - I see this issue as (maybe) a bug in the Microsoft GINA, so I'd
rather have Microsoft publish a hotfix than re-developing it myself. But I
could also be wrong...

Anybody from Microsoft, please help...

Dimitri

"Brian Komar" wrote:

> Send details of the issue to hotline@gemalto.com
> They may be able to help you.
> I have seen this issue with many legacy CSPs.
> Are you using a custom GINA by any chance?
> Brian
>
> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
> news:4749B770-72FA-4FBE-B3DC-B5A66A1600D2@microsoft.com...
> > Dear all,
> >
> > I have a problem using smart card logon through a remote desktop
> > connection.
> > I can successfully login using my smart card, but when I remove the card,
> > the
> > station does not become locked whatever the state of the "smart card
> > behavior" option (note that it successfully locks the station when I logon
> > on
> > the computer locally). Removing the card has just no effect.
> >
> > Then, if I try to lock the station manually, I immediately see the PIN
> > dialog (without going through the "windows security" dialog), but:
> > - when I try to enter the PIN, it fails to unlock the station (a generic
> > error message is shown).
> > - when I click "cancel", I have to unlock the station maually using
> > login+password because the GINA is not responsive to smart card events
> > anymore.
> >
> > This appears with both a custom CSP of mine and with the ACS (Axalto) CSP.
> > However, I have a test environment (domain controller + remote station +
> > remote client) on which it appears all the time (it worked only once, I
> > don't
> > know why) and another environment where it does not seem to appear.
> > Unfortunately, my client is facing the same problem in his environment.
> >
> > I tried to analyse the problem deeper and it seems the logon process does
> > not receive anymore smart card events simply because it does not manage to
> > get a valid smart card context. My CSP is called when I try to enter the
> > PIN
> > to unlock the station and I could see that it does not manage to call
> > SCardAcquireContext successfully (althrough it manage to do so for logging
> > on). However, once the station is unlocked, all applications manage to get
> > and use smart card contexts successfully.
> >
> > I have seen two KB articles 875506 and 910482 that discuss similar
> > problems
> > but installing these hotfixes did not solve anything.
> >
> > Note: this message was previously posted on platformsdk.security with no
> > answer.
> >
> > Thanks
> >
>

 

[S. Pidgorny]

1. The issue you're describing is with Gemalto cards and their CSP too - so
you are a customer and can ask
2. Card removal/insertion detection is not a part of MS GINA - so there will
be no hotfix
3. Forget writing your own GINA. Seriously.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

"Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
news:1590DE6D-C570-4C7C-B149-382990A2A128@microsoft.com...
> Thanks Brian,
>
> However, I can't really ask gemalto for some help. I'm a [very very small]
> competitor, not a customer.
> I use the standard windows GINA, not a custom one. I guess that developing
> a
> specific GINA would certainly solve the problem. But - as far as I could
> investigate - I see this issue as (maybe) a bug in the Microsoft GINA, so
> I'd
> rather have Microsoft publish a hotfix than re-developing it myself. But I
> could also be wrong...
>
> Anybody from Microsoft, please help...
>
> Dimitri
>
> "Brian Komar" wrote:
>
>> Send details of the issue to hotline@gemalto.com
>> They may be able to help you.
>> I have seen this issue with many legacy CSPs.
>> Are you using a custom GINA by any chance?
>> Brian
>>
>> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
>> news:4749B770-72FA-4FBE-B3DC-B5A66A1600D2@microsoft.com...
>> > Dear all,
>> >
>> > I have a problem using smart card logon through a remote desktop
>> > connection.
>> > I can successfully login using my smart card, but when I remove the
>> > card,
>> > the
>> > station does not become locked whatever the state of the "smart card
>> > behavior" option (note that it successfully locks the station when I
>> > logon
>> > on
>> > the computer locally). Removing the card has just no effect.
>> >
>> > Then, if I try to lock the station manually, I immediately see the PIN
>> > dialog (without going through the "windows security" dialog), but:
>> > - when I try to enter the PIN, it fails to unlock the station (a
>> > generic
>> > error message is shown).
>> > - when I click "cancel", I have to unlock the station maually using
>> > login+password because the GINA is not responsive to smart card events
>> > anymore.
>> >
>> > This appears with both a custom CSP of mine and with the ACS (Axalto)
>> > CSP.
>> > However, I have a test environment (domain controller + remote station
>> > +
>> > remote client) on which it appears all the time (it worked only once, I
>> > don't
>> > know why) and another environment where it does not seem to appear.
>> > Unfortunately, my client is facing the same problem in his environment.
>> >
>> > I tried to analyse the problem deeper and it seems the logon process
>> > does
>> > not receive anymore smart card events simply because it does not manage
>> > to
>> > get a valid smart card context. My CSP is called when I try to enter
>> > the
>> > PIN
>> > to unlock the station and I could see that it does not manage to call
>> > SCardAcquireContext successfully (althrough it manage to do so for
>> > logging
>> > on). However, once the station is unlocked, all applications manage to
>> > get
>> > and use smart card contexts successfully.
>> >
>> > I have seen two KB articles 875506 and 910482 that discuss similar
>> > problems
>> > but installing these hotfixes did not solve anything.
>> >
>> > Note: this message was previously posted on platformsdk.security with
>> > no
>> > answer.
>> >
>> > Thanks
>> >
>>

 

[Brian Komar]

To backup Svyatoslav, Gina is dead, long live the credential provider
Brian

"S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
news:uH1B5v0KIHA.5160@TK2MSFTNGP05.phx.gbl...
> 1. The issue you're describing is with Gemalto cards and their CSP too -
> so you are a customer and can ask
> 2. Card removal/insertion detection is not a part of MS GINA - so there
> will be no hotfix
> 3. Forget writing your own GINA. Seriously.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>
> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
> news:1590DE6D-C570-4C7C-B149-382990A2A128@microsoft.com...
>> Thanks Brian,
>>
>> However, I can't really ask gemalto for some help. I'm a [very very
>> small]
>> competitor, not a customer.
>> I use the standard windows GINA, not a custom one. I guess that
>> developing a
>> specific GINA would certainly solve the problem. But - as far as I could
>> investigate - I see this issue as (maybe) a bug in the Microsoft GINA, so
>> I'd
>> rather have Microsoft publish a hotfix than re-developing it myself. But
>> I
>> could also be wrong...
>>
>> Anybody from Microsoft, please help...
>>
>> Dimitri
>>
>> "Brian Komar" wrote:
>>
>>> Send details of the issue to hotline@gemalto.com
>>> They may be able to help you.
>>> I have seen this issue with many legacy CSPs.
>>> Are you using a custom GINA by any chance?
>>> Brian
>>>
>>> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
>>> news:4749B770-72FA-4FBE-B3DC-B5A66A1600D2@microsoft.com...
>>> > Dear all,
>>> >
>>> > I have a problem using smart card logon through a remote desktop
>>> > connection.
>>> > I can successfully login using my smart card, but when I remove the
>>> > card,
>>> > the
>>> > station does not become locked whatever the state of the "smart card
>>> > behavior" option (note that it successfully locks the station when I
>>> > logon
>>> > on
>>> > the computer locally). Removing the card has just no effect.
>>> >
>>> > Then, if I try to lock the station manually, I immediately see the PIN
>>> > dialog (without going through the "windows security" dialog), but:
>>> > - when I try to enter the PIN, it fails to unlock the station (a
>>> > generic
>>> > error message is shown).
>>> > - when I click "cancel", I have to unlock the station maually using
>>> > login+password because the GINA is not responsive to smart card events
>>> > anymore.
>>> >
>>> > This appears with both a custom CSP of mine and with the ACS (Axalto)
>>> > CSP.
>>> > However, I have a test environment (domain controller + remote station
>>> > +
>>> > remote client) on which it appears all the time (it worked only once,
>>> > I
>>> > don't
>>> > know why) and another environment where it does not seem to appear.
>>> > Unfortunately, my client is facing the same problem in his
>>> > environment.
>>> >
>>> > I tried to analyse the problem deeper and it seems the logon process
>>> > does
>>> > not receive anymore smart card events simply because it does not
>>> > manage to
>>> > get a valid smart card context. My CSP is called when I try to enter
>>> > the
>>> > PIN
>>> > to unlock the station and I could see that it does not manage to call
>>> > SCardAcquireContext successfully (althrough it manage to do so for
>>> > logging
>>> > on). However, once the station is unlocked, all applications manage to
>>> > get
>>> > and use smart card contexts successfully.
>>> >
>>> > I have seen two KB articles 875506 and 910482 that discuss similar
>>> > problems
>>> > but installing these hotfixes did not solve anything.
>>> >
>>> > Note: this message was previously posted on platformsdk.security with
>>> > no
>>> > answer.
>>> >
>>> > Thanks
>>> >
>>>
>
>

 

[Alun Jones]

For much of the world, universal adoption of Windows Vista and Windows
Server 2008 is still a few years off.

I am aware of numerous companies still running Windows Server 2000 - so any
solution that applies to Windows Server 2003 will probably still sell for
another three or four years at least.

However, I am with Slav in suggesting that writing your own GINA is
something that you should do only if you _know_ that there is no way to
achieve what you are looking to do outside of altering the GINA.

The OP should open a support case with Microsoft. This is surely worth it to
him and his company.

Alun.
~~~~

"Brian Komar" <brian.komar@nospam.identit.ca> wrote in message
news5AFA431-B5E8-4E56-84E7-071174CF171A@microsoft.com...
> To backup Svyatoslav, Gina is dead, long live the credential provider
> Brian
>
> "S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
> news:uH1B5v0KIHA.5160@TK2MSFTNGP05.phx.gbl...
>> 1. The issue you're describing is with Gemalto cards and their CSP too -
>> so you are a customer and can ask
>> 2. Card removal/insertion detection is not a part of MS GINA - so there
>> will be no hotfix
>> 3. Forget writing your own GINA. Seriously.
>>
>> --
>> Svyatoslav Pidgorny, MS MVP - Security, MCSE
>> -= F1 is the key =-
>>
>> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>>
>> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
>> news:1590DE6D-C570-4C7C-B149-382990A2A128@microsoft.com...
>>> Thanks Brian,
>>>
>>> However, I can't really ask gemalto for some help. I'm a [very very
>>> small]
>>> competitor, not a customer.
>>> I use the standard windows GINA, not a custom one. I guess that
>>> developing a
>>> specific GINA would certainly solve the problem. But - as far as I could
>>> investigate - I see this issue as (maybe) a bug in the Microsoft GINA,
>>> so I'd
>>> rather have Microsoft publish a hotfix than re-developing it myself. But
>>> I
>>> could also be wrong...
>>>
>>> Anybody from Microsoft, please help...
>>>
>>> Dimitri
>>>
>>> "Brian Komar" wrote:
>>>
>>>> Send details of the issue to hotline@gemalto.com
>>>> They may be able to help you.
>>>> I have seen this issue with many legacy CSPs.
>>>> Are you using a custom GINA by any chance?
>>>> Brian
>>>>
>>>> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
>>>> news:4749B770-72FA-4FBE-B3DC-B5A66A1600D2@microsoft.com...
>>>> > Dear all,
>>>> >
>>>> > I have a problem using smart card logon through a remote desktop
>>>> > connection.
>>>> > I can successfully login using my smart card, but when I remove the
>>>> > card,
>>>> > the
>>>> > station does not become locked whatever the state of the "smart card
>>>> > behavior" option (note that it successfully locks the station when I
>>>> > logon
>>>> > on
>>>> > the computer locally). Removing the card has just no effect.
>>>> >
>>>> > Then, if I try to lock the station manually, I immediately see the
>>>> > PIN
>>>> > dialog (without going through the "windows security" dialog), but:
>>>> > - when I try to enter the PIN, it fails to unlock the station (a
>>>> > generic
>>>> > error message is shown).
>>>> > - when I click "cancel", I have to unlock the station maually using
>>>> > login+password because the GINA is not responsive to smart card
>>>> > events
>>>> > anymore.
>>>> >
>>>> > This appears with both a custom CSP of mine and with the ACS (Axalto)
>>>> > CSP.
>>>> > However, I have a test environment (domain controller + remote
>>>> > station +
>>>> > remote client) on which it appears all the time (it worked only once,
>>>> > I
>>>> > don't
>>>> > know why) and another environment where it does not seem to appear.
>>>> > Unfortunately, my client is facing the same problem in his
>>>> > environment.
>>>> >
>>>> > I tried to analyse the problem deeper and it seems the logon process
>>>> > does
>>>> > not receive anymore smart card events simply because it does not
>>>> > manage to
>>>> > get a valid smart card context. My CSP is called when I try to enter
>>>> > the
>>>> > PIN
>>>> > to unlock the station and I could see that it does not manage to call
>>>> > SCardAcquireContext successfully (althrough it manage to do so for
>>>> > logging
>>>> > on). However, once the station is unlocked, all applications manage
>>>> > to get
>>>> > and use smart card contexts successfully.
>>>> >
>>>> > I have seen two KB articles 875506 and 910482 that discuss similar
>>>> > problems
>>>> > but installing these hotfixes did not solve anything.
>>>> >
>>>> > Note: this message was previously posted on platformsdk.security with
>>>> > no
>>>> > answer.
>>>> >
>>>> > Thanks
>>>> >
>>>>
>>
>>
>

 

[Dimitri]

Thank you all for your answers

1. Well, I have a sample of the Gemalto CSP and some cards that they gave me
in the context of some other completely unrelated project, but I don't use it
(except for such tests), I never paid for it (and never will) and I don't
resell it (and never will). So I'm just absolutely not a customer. Anyway, it
was just an information I gave to demonstrate it appears with several CSPs,
including mine (which is the most important point). I can't bother someone to
help me fix a problem regarding my product if it competes with his product.
This is just not right.

2. Moreover, the problem really seems to come from the way Windows handles
the insertion/removal events (more precisely its whole smart card context,
which seems to become invalid after loggin in) within the logon process.
Whether it comes from the GINA part of this process or not is not relevant.
It anyway comes from a part of the system written by Microsoft. So I can at
least expect MS to have a look at the problem. This is part of the MSDN
program, am I wrong ?

3. I totally agree. I can't afford redeveloping a GINA.

To answer Brian: As suggested by Alun, my customer has not switched to Vista
yet (like most people). I, of course, can't force him to do it. And, as XP
and Win2K are still maintained by Microsoft (hopefully), I still think there
is some hope...

Dimitri

"S. Pidgorny <MVP>" wrote:

> 1. The issue you're describing is with Gemalto cards and their CSP too - so
> you are a customer and can ask
> 2. Card removal/insertion detection is not a part of MS GINA - so there will
> be no hotfix
> 3. Forget writing your own GINA. Seriously.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>
> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
> news:1590DE6D-C570-4C7C-B149-382990A2A128@microsoft.com...
> > Thanks Brian,
> >
> > However, I can't really ask gemalto for some help. I'm a [very very small]
> > competitor, not a customer.
> > I use the standard windows GINA, not a custom one. I guess that developing
> > a
> > specific GINA would certainly solve the problem. But - as far as I could
> > investigate - I see this issue as (maybe) a bug in the Microsoft GINA, so
> > I'd
> > rather have Microsoft publish a hotfix than re-developing it myself. But I
> > could also be wrong...
> >
> > Anybody from Microsoft, please help...
> >
> > Dimitri
> >
> > "Brian Komar" wrote:
> >
> >> Send details of the issue to hotline@gemalto.com
> >> They may be able to help you.
> >> I have seen this issue with many legacy CSPs.
> >> Are you using a custom GINA by any chance?
> >> Brian
> >>
> >> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
> >> news:4749B770-72FA-4FBE-B3DC-B5A66A1600D2@microsoft.com...
> >> > Dear all,
> >> >
> >> > I have a problem using smart card logon through a remote desktop
> >> > connection.
> >> > I can successfully login using my smart card, but when I remove the
> >> > card,
> >> > the
> >> > station does not become locked whatever the state of the "smart card
> >> > behavior" option (note that it successfully locks the station when I
> >> > logon
> >> > on
> >> > the computer locally). Removing the card has just no effect.
> >> >
> >> > Then, if I try to lock the station manually, I immediately see the PIN
> >> > dialog (without going through the "windows security" dialog), but:
> >> > - when I try to enter the PIN, it fails to unlock the station (a
> >> > generic
> >> > error message is shown).
> >> > - when I click "cancel", I have to unlock the station maually using
> >> > login+password because the GINA is not responsive to smart card events
> >> > anymore.
> >> >
> >> > This appears with both a custom CSP of mine and with the ACS (Axalto)
> >> > CSP.
> >> > However, I have a test environment (domain controller + remote station
> >> > +
> >> > remote client) on which it appears all the time (it worked only once, I
> >> > don't
> >> > know why) and another environment where it does not seem to appear.
> >> > Unfortunately, my client is facing the same problem in his environment.
> >> >
> >> > I tried to analyse the problem deeper and it seems the logon process
> >> > does
> >> > not receive anymore smart card events simply because it does not manage
> >> > to
> >> > get a valid smart card context. My CSP is called when I try to enter
> >> > the
> >> > PIN
> >> > to unlock the station and I could see that it does not manage to call
> >> > SCardAcquireContext successfully (althrough it manage to do so for
> >> > logging
> >> > on). However, once the station is unlocked, all applications manage to
> >> > get
> >> > and use smart card contexts successfully.
> >> >
> >> > I have seen two KB articles 875506 and 910482 that discuss similar
> >> > problems
> >> > but installing these hotfixes did not solve anything.
> >> >
> >> > Note: this message was previously posted on platformsdk.security with
> >> > no
> >> > answer.
> >> >
> >> > Thanks
> >> >
> >>
>
>
>

 

[Alun Jones]

"Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
news:88EDBC18-34A7-4686-A1AA-C2BA47D88DF0@microsoft.com...
> 1. Well, I have a sample of the Gemalto CSP and some cards that they gave
> me
> in the context of some other completely unrelated project, but I don't use
> it
> (except for such tests), I never paid for it (and never will) and I don't
> resell it (and never will). So I'm just absolutely not a customer. Anyway,
> it
> was just an information I gave to demonstrate it appears with several
> CSPs,
> including mine (which is the most important point). I can't bother someone
> to
> help me fix a problem regarding my product if it competes with his
> product.
> This is just not right.

What would be right, however, would be to co-operate with Gemalto. Ask them
if they have any information on why this fails, and offer to share with them
what information you have.

Other than that, open up a tech support case with Microsoft. If it's really
a bug, they won't charge you. If you misread the documentation, then they'll
charge you - but you should be able to make that back off the sales of your
functionng product.

Alun.
~~~~

 

[Dimitri]

You're right. I'll do that.

Thanks Alun

"Alun Jones" wrote:

> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
> news:88EDBC18-34A7-4686-A1AA-C2BA47D88DF0@microsoft.com...
> > 1. Well, I have a sample of the Gemalto CSP and some cards that they gave
> > me
> > in the context of some other completely unrelated project, but I don't use
> > it
> > (except for such tests), I never paid for it (and never will) and I don't
> > resell it (and never will). So I'm just absolutely not a customer. Anyway,
> > it
> > was just an information I gave to demonstrate it appears with several
> > CSPs,
> > including mine (which is the most important point). I can't bother someone
> > to
> > help me fix a problem regarding my product if it competes with his
> > product.
> > This is just not right.
>
> What would be right, however, would be to co-operate with Gemalto. Ask them
> if they have any information on why this fails, and offer to share with them
> what information you have.
>
> Other than that, open up a tech support case with Microsoft. If it's really
> a bug, they won't charge you. If you misread the documentation, then they'll
> charge you - but you should be able to make that back off the sales of your
> functionng product.
>
> Alun.
> ~~~~
>
>
>

 

[Alun Jones]

And if you have a boss to whom you need to justify your expenditure on a
tech support call, ask him what's a better use of money - paying for the
tech support call, or paying for you to trial-and-error your way through?

Alun.
~~~~

"Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
news:9F1FE694-71CE-4172-A3CB-0A42C1E9E641@microsoft.com...
> You're right. I'll do that.
>
> Thanks Alun
>
> "Alun Jones" wrote:
>
>> "Dimitri" <Dimitri@discussions.microsoft.com> wrote in message
>> news:88EDBC18-34A7-4686-A1AA-C2BA47D88DF0@microsoft.com...
>> > 1. Well, I have a sample of the Gemalto CSP and some cards that they
>> > gave
>> > me
>> > in the context of some other completely unrelated project, but I don't
>> > use
>> > it
>> > (except for such tests), I never paid for it (and never will) and I
>> > don't
>> > resell it (and never will). So I'm just absolutely not a customer.
>> > Anyway,
>> > it
>> > was just an information I gave to demonstrate it appears with several
>> > CSPs,
>> > including mine (which is the most important point). I can't bother
>> > someone
>> > to
>> > help me fix a problem regarding my product if it competes with his
>> > product.
>> > This is just not right.
>>
>> What would be right, however, would be to co-operate with Gemalto. Ask
>> them
>> if they have any information on why this fails, and offer to share with
>> them
>> what information you have.
>>
>> Other than that, open up a tech support case with Microsoft. If it's
>> really
>> a bug, they won't charge you. If you misread the documentation, then
>> they'll
>> charge you - but you should be able to make that back off the sales of
>> your
>> functionng product.
>>
>> Alun.
>> ~~~~
>>
>>
>>