Usb-key Log in to windows+ remote Desktop 01/31 Update SLTechnology News&Howtos

Usb-key Log in to windows+ remote Desktop

2025-01-31 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

Preparatory work

1.1 deploy AD domain

1.1.1 refer to the AD deployment steps documentation

1.2 deploy CA

1.2.1 refer to the CA deployment steps document

1.3Configuring CA

1.3.1 configure Certification Authority

Open [Certificate Authority]-- [Properties]

Find the "Security" tab and add "Domain Users". Check "read"-"request Certificate".

Select "Authenticated Users" and check "read"-"request Certificate"

1.3.2 configure Certificate template

Select "Certificate template"-"manage"

Adjust [smart card login]-[smart card user] attribute

Open the "Security" tab and add [Domain Users] check "read"-"register" smart card users to do the same.

Return to [Certificate Authority]-[Certificate template]-[New]-[Certificate template to be issued]

Add [Smart Card Login]-[Smart Card user] template

1.3.3 configure CA to enable Https

1.4 install ePass2003

Run [AUTORUN.EXE] to install EPASS2003

Select language

Select [Private CSP] to start the installation

1.5 configure Group Policy

Run GPEDIT.MSC deployment * * computer configuration * *-> * * Policy * *-> * * WINDOWS Settings * *-> * * Security Settings * *-> * * Local Policy * *-> * * user Rights assignment * *-> * * allow login through remote Desktop Services * * to add

Expand [Security options]-[Interactive login: smart card removal behavior] is configured to [lock workstation]

[security options]-[Interactive login: smart card required] is configured to [enabled]

1.6 issue certificates

Access https://ad.usbkey.com/certsrv/ to add addresses to the zone

[apply for Certificate]-[create and submit a request to this CA]

Select [Yes] in the pop-up dialog box

Certificate template Select [Smart Card user]-key option [create New key set]-CSP

Key usage: exchange key size: 1024 good remember name: usbkey submission waiting to be completed

1.7 verify USB-KEY

We start remote Desktop to use username and password authentication to find out

After we connect to USB-KEY, the smart card pops up to verify the PIN.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.