Hello All,
I am using a 3rd party CA for smart card login. I have successfully set up smart card login in a single ROOT and single CHILD scenario after publishing the domain controller certificate.
I am facing a smart card login issue in a replicated ROOT and CHILD domain scenario.
First I will explain my scenario.
I have a root forest domain, for example "idtech", on a Windows Server 2008 R2 machine whose system name was "SERVER1", and created a replica of "idtech" on a machine whose system name was "SERVER2". Then I created a child domain "bejing.idtech" on a machine whose system name was "SERVER3" and created a replica of "bejing.idtech" on a machine whose system name was "SERVER4".
Now machine "SERVER1" is our ROOT DC, and "SERVER2" is the replica of ROOT. Machine "SERVER3" is our CHILD DC and machine "SERVER4" is the replica of CHILD.
I obtained GUIDs of both "SERVER3" & "SERVER4" and got certificates from the CA. I published one certificate on CHILD "SERVER3" and one certificate on the replica "SERVER4" after
certutil -dspublish -f SERVER3.cer machine
certutil -dspublish -f SERVER4.cer machine
but I am not able to log in, and the error is "Windows can not login, smart card logon is not supported for your user account"
Please guide me in this aspect.
Regards
Scott Thomas