Smart Card Login + Certificate Login to AD -> Lost smart card

We have AD login using smart card + certificate working fine. We also know
what needs to be done in the event the user forgets the smart card when they
come to the office (let them temporarily login using a password and disable
it the next day). However, what are people (companies who have implemented
this MS solution, including MS) doing with the user who is a traveler with a
laptop, has a good cached profile (from the last successful smart card login
from the office before disconnecting), loses the smart card and needs to
logon to the desktop at a foregin country (or anywhere where they are not
connected to the corporate network and can't due to the inability to logon to
the desktop in the first place?)?

Does anyone have a solution for this? Is there no solution?

 

Losing their smart card is akin to forgetting their password and as long as
they can not connect to a network that allows access to a domain controller
they are out of luck. If there are easy workarounds then security would not
be adequate. If many users are loosing their smartcards then you should
find out why and how to minimize that. --- Steve

 

yes there is a 1/2 solution ,
just create a local profil for that user on notebook and user can logon
as local user and not domain user on his notebook and do everything he
needs!

Saleh Matani