Guidelines for enabling smart card logon with third-party certification authorities
This article is from Microsoft knowledge base for enabling Smart Card or PIV card logon with Microsoft Active Directory. Though this article is for Windows 2000, it is continues to be relevant for Windows 2008 or 2012 servers. The third party certification authority or Certificate Authority (CA) is an entity that issues digital certificates. Examples of Certificate Authority, GlobalSign, Symantec, Entrust, Digicert etc. Third party CA is mentioned here to differentiate with the Microsoft's Certification Authority. If you are implementing Smart Card logon with a Microsoft CA then you need to refer to this document and this doc , which provides how to configure Active Directory Certificate services. The below article provides all the information required in order to implement Smart Card Login to Active Directory. This enables a user to authenticate to an Active Directory with two factor authentication using a Smart Card, such as a PIV card thereby eliminating use of passwords to ...