A
aFab1n3
Dears, we are migrating old Active Directory forest, based on Windows Server 2008, ADCS and Safent token (all services run on separate Windows Server 2008 servers) to a Windows Server 2016 environment.
Over old environment is active the authentication (through RDP) with Smart Card and PIN. New servers issued old GPO and all Active Directory service works fine. Despite this when try access RDP over new Servers, the Smart Card PIN is requested two times :
- first time to start the RDP session
- second time to start the authentication session
Old server request Smart Card PIN only the first time then when the session start the user is automatically logged on ingesting previous Token verified information (certificate onboard of the token and user PIN).
Certificates are generated from internal ADCS on the same domain as the old and new servers.
Any useful suggestion to unlock this stuff would be really appreciated.
Warm regards, F
Continue reading...
Over old environment is active the authentication (through RDP) with Smart Card and PIN. New servers issued old GPO and all Active Directory service works fine. Despite this when try access RDP over new Servers, the Smart Card PIN is requested two times :
- first time to start the RDP session
- second time to start the authentication session
Old server request Smart Card PIN only the first time then when the session start the user is automatically logged on ingesting previous Token verified information (certificate onboard of the token and user PIN).
Certificates are generated from internal ADCS on the same domain as the old and new servers.
Any useful suggestion to unlock this stuff would be really appreciated.
Warm regards, F
Continue reading...