Many people knows be about AD stuff (#PingCastle) but I'm also an expert in Windows & smart card.
If you have to remember one thing, it is:
certutil -scinfo
Thread
If you have to remember one thing, it is:
certutil -scinfo
Thread
Main problem being smart card recognition.
If you see a card name, it's ok
If you see a card name, it's ok
Sometimes, this is obvious: no smart card
Sometimes not:
Here, no minidriver / CSP / KSP has been installed.
You need to install a software.
But when you have both x64 & X86, you can to run both 32 & 64 bits version of certutil to make sure.
Here, no minidriver / CSP / KSP has been installed.
You need to install a software.
But when you have both x64 & X86, you can to run both 32 & 64 bits version of certutil to make sure.
This is also the best method to detect that the smart card service is deactivated (for performance / security reason)
If there is a card name, but the message "no key found", this is because the smart card has no certificate.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
