Windows Login

Digital Certificate Based Logon

Microsoft has integrated functionality for Smart Card login and management into the Windows domain servers. Therefore if you are running Windows 2000 or 2003 Server, you do not have to purchase a separate authentication server to implement Smart Cards and USB Tokens.

When you set up digital certificate based login, windows automatically detects the reader and provides the option to use the Smart Card on the login screen:

When this screen appears, the user must insert their card, enter their PIN, and they are then logged into their Windows Domain account.

The windows domain server can be configured to enforce various security policies such as requiring a Smart Card for logon and automatically logging out the user when the smart card is removed.

Solution

Windows 2000 and 2003 server provide the components required for a Public Key Infrastructure (PKI) including a Certificate Authority (CA) for signing the certificates, certificate revocation, integration into Active Directory, and an Enrollment System to personalize the smart card and USB tokens for the end user.

The Raak Smart Cards and USB Smart Tokens are fully compatible with Windows smart card logon through the use of the RaakSign PKI Client Software- no additional server side software is required.

.