Fast User Switching with smart cards

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam rhoncus mattis dui, at elementum nibh porta eget. Aliquam dictum gravida hendrerit. Suspendisse in ultrices arcu. Vivamus quis ultrices magna, ac malesuada odio.

Fast User Switching with smart cards
  • Login as user1. Windows 10 automatically disconnects antasladmin session and user1 gets logged in.

-Login as user1. Windows 10 automatically disconnects antasladmin session and user1 gets logged in.
  • -Re-login with antasladmin. Continue working with my applications.

Windows 10

Fast User Switching is built-in. Use Microsoft “Smart Card Removal” service or Net iD to lock PC on smart card removal. Next user login automatically disconnects the currently active user-session.

With Microsoft “Smart Card Removal Policy” service:

*Note, Microsoft “Smart Card Removal” service will not work if using Net iD Full Credential Provider.

[HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise\CredentialProvider]

"Mode"="0x????"

*Due to smart card switching issue in windows 10 at windows login prompt Net iD Full Credential Provider is recommended. Lock PC with Net iD instead.

With Net iD:

Using TaskbarEvent (Lock immediately on card removal)

[HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise\TaskbarEvent\Remove]

"1"="application iid.exe -exitwindows -mode 0x01 -default 0x01 -timeout 0"

Or…

Using Watch (Lock immediately on card removal)

[HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise\Command]

"Watch"="config"

[HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise\Watch\Remove]

"1"="-l"

Windows 7/8.1

To have a nice end user experience with smart cards you will need to configure Net iD to disconnect the user-session on card removal.

With Net iD:

Using TaskbarEvent (Disconnect immediately on card removal)

[HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise\TaskbarEvent\Remove]

"1"="application iid.exe -exitwindows -mode 0x40 -default 0x40 -timeout 0"

Or…

Using Watch (Disconnect immediately on card removal)

[HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise\Command]

"Watch"="config"

[HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise\Watch\Remove]

"1"="tsdiscon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise\View]

"iidxwatch.exe"=".exe"

Dela denna artikel

Relaterat