Hi!
We use smart card logon and our smart cards are third party smart cards - it means we cannot control the publications on CRLs. Everything works nice in usual situation. But in some situations we want to use smart card logon in isolated environments, where domain controllers cannot access third party CDPs to check smart card certificat CRLs. My question is: is it somehow possible to disable smart card crl check on domain controller in case of smart card logan. Domain controllers are 2008 R2 and 2012 servers.
I'm aware of registry setting CRLValidityExtensionPeriod, but it still means I need some CRL in cache.
Thanks,
UV