Looking for best practice or viable solutions

Discussion in 'Windows Networking' started by Fredrick A. Zilz, Apr 5, 2005.

  1. I currently use username password authentication to my windows 2003 network.
    I am moving toward SmartCard logon. I am evaluating a couple smartcard and
    usb token device and software solutions for my domain laptops and desktops.
    My question:
    Currently users can access our intranet website and Outlook Web Access site
    from non domain computers using their username, domain, and password. Once
    I move to certificates for logon it seems as though they will loose this
    ability. I thought at first that usb tokens containing the user cert would
    be a solution but the usb devices I have evaluated require drivers to be
    installed on the users computer, which means that this would not work from
    "Kinko's" or any other "public" web browser. Is there a way for me to keep
    the feature for my users of access to their email via a web browser on a
    public computer while enforcing smartcard logon?

    I am moving to usercertificates for logon, encryption, email, and document
    signing. In house I am setting the workstations to lock when smartcards are
    removed. Encryptions is particularly important for my laptop users.

    Any help / advice is appreciated
    Fredrick A. Zilz, Apr 5, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.