locked
Cannot map network drive with smartcard on client pc RRS feed

  • Question

  • I'm trying to access a network share, and authenticate using a smartcard. The smartcard can be used to log on to the server. The client runs Windows XP sp3, with all latest patches installed, the server runs Windows Server 2003. The client is NOT a member of this domain though, because I want to use this method on a standalone device.

    On the server PC, running Windows Server 2003, this works just fine:


    C:\Documents and Settings\Administrator>net use \\ecoserver.eco.lan\Homes\Administrator /smartcard
    Reading smart cards........
    Using the card in reader 1.  Enter the PIN:
    The command completed successfully.

    On a client PC (NOT a domain member), the same thing with the same card fails:

    C:\Projects>net use \\ecoserver.eco.lan\Homes\Admnistrator /smartcard
    Reading smart cards.....
    Using the card in reader 1.  Enter the PIN:
    System error 1263 has occurred.

    The kerberos protocol encountered an error while validating the
    KDC certificate during smartcard logon.

    Using plaintext passwords does work:

    C:\Projects>net use \\ecoserver.eco.lan\Homes\Administrator /user:Administrator@eco.lan
    The password or user name is invalid for \\ecoserver.eco.lan\Homes\Administrator.

    Enter the password for 'Administrator@eco.lan' to connect to 'ecoserver.eco.lan':
    The command completed successfully.

    Huh?

    Things I have checked:
    - No error or warning is being logged in the Event Log, not on the server, nor on the client machine.
    - I can authenticate to LDAP over TLS with the client certificate from the same smartcard on my client and perform queries.
    - My client PC trusts the CA certificate from the domain server, I've imported it into the trusted root CA's.
    - I can connect with SSL with IE to the domain server's IIS (which has a certificate signed by that CA), the certificate shows as trusted.
    - I tried re-newing the domain controller certificate. No change.
    Thursday, March 11, 2010 10:56 AM

All replies

  • Hi Guys,

    I have observed the fail of SQL light under production conditions, why don't know probably windows FS. The database gets stuck in read only states and causes total fail and destruction, corrupting itself. 

    I think moving to SQL server would fix this maybe at least something to consider. 

    Are you sure it is the SQL Lite itself instead of the design of the database? Is your data size large?
    Thursday, June 17, 2010 6:16 AM