Smart card Logon

While attempting to logon with a smart card, you may see the following message:

Event logs on Domain Controller:

Use the following troubleshooting procedure to correct this problem:

Smart card logon uses the Key Distribution Centre (KDC) for secure authentication. The KDC certificate will be validated when we restart the domain controller or the KDC service. The KDC certificate validation uses Validation Client CAPI Plug-in. Since validation authority has records only for user certificates, KDC certificate validation is likely to fail, which in turn causes smartcard logon to fail. We recommend adding the KDC certificate to the validation authority for seamless authentication.