SmartCard Your credentials could not be verified.

Discussion in 'Windows Server' started by Paul Mckenna, Jul 26, 2005.

  1. Paul Mckenna

    Paul Mckenna Guest

    Howdy People,

    Can someone point me in the right direction i'm trying to setup smartcard
    login but i keep getting the error message "Your credentials could not be
    verified. "
    In the event log of the client PC i get "The client has failed to validate
    the Domain Controller certificate for %servername% . The error data contains
    the information returned from the certificate validation process. Contact
    your system administrator to determine why the Domain Controller certificate
    is invalid."
    How do i find out why the cert is invalid?

    Thanks in advance for any help.

    Regards
    Paul Mckenna
     
    Paul Mckenna, Jul 26, 2005
    #1
    1. Advertisements

  2. Paul Mckenna

    Jason Tan Guest

    Hi Paul,

    Thanks for posting!

    Please help me know if all the clients encountered this issue£®

    Based on my research, I would like to suggest you refer to the following
    article to enable smart card:

    281245 Guidelines for enabling smart card logon with third-party
    certification
    http://support.microsoft.com/?id=281245

    Additionally, I would like to suggest you try the following article to
    resolve the issue.
    329433 A Revoked Certificate Is Selected If a Certification Authority in
    the Chain Has Two Certificates
    http://support.microsoft.com/default.aspx?scid=kb;en-us;329433

    Hope the information helps. If there is anything that is unclear, please
    feel free to let me know.

    Thanks & Regards,

    Jason Tan

    Microsoft Online Partner Support
    Get Secure! - www.microsoft.com/security

    =====================================================

    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.

    =====================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.



    --------------------
    | Thread-Topic: SmartCard Your credentials could not be verified.
    | thread-index: AcWSEmsX/nBa3wY3Qqacrl2Rq3RLWA==
    | X-WBNR-Posting-Host: 212.47.74.62
    | From: =?Utf-8?B?UGF1bCBNY2tlbm5h?= <>
    | Subject: SmartCard Your credentials could not be verified.
    | Date: Tue, 26 Jul 2005 11:47:05 -0700
    | Lines: 16
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    | Newsgroups: microsoft.public.windows.server.general
    | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
    | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.general:43371
    | X-Tomcat-NG: microsoft.public.windows.server.general
    |
    | Howdy People,
    |
    | Can someone point me in the right direction i'm trying to setup smartcard
    | login but i keep getting the error message "Your credentials could not be
    | verified. "
    | In the event log of the client PC i get "The client has failed to
    validate
    | the Domain Controller certificate for %servername% . The error data
    contains
    | the information returned from the certificate validation process.
    Contact
    | your system administrator to determine why the Domain Controller
    certificate
    | is invalid."
    | How do i find out why the cert is invalid?
    |
    | Thanks in advance for any help.
    |
    | Regards
    | Paul Mckenna
    |
     
    Jason Tan, Jul 27, 2005
    #2
    1. Advertisements

  3. Paul Mckenna

    Paul Mckenna Guest

    Hi,
    Thanks for your email.
    This error happens on all client PCs, Smartcard login works fine on the
    server itself.
    I'm not using using any third party certificates.
    I just can't work out why my client PC s think the server certificate is
    invalid.
    If i type: Certuirl -scinfo on one of the client PCs everything looks fine.

    Regards
    Paul Mckenna
     
    Paul Mckenna, Jul 27, 2005
    #3
  4. Paul Mckenna

    Paul Mckenna Guest

    Hi again,

    It's all working now i remove the KDC certificate on the server then
    requested a new one and all seems ok.

    Thanks
    Paul
     
    Paul Mckenna, Jul 27, 2005
    #4
  5. Paul Mckenna

    Jason Tan Guest

    Hi Paul,

    Thank you for your update and the additional feedback on how you were
    successful in resolving this issue. Your solution will benefit many other
    users, and we really value having you as a Microsoft customer. If you have
    any other questions or concerns, please do not hesitate to contact us. It
    is always our pleasure to be of assistance.

    Thanks & Regards,

    Jason Tan

    Microsoft Online Partner Support
    Get Secure! - www.microsoft.com/security

    =====================================================

    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.

    =====================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.



    --------------------
    | Thread-Topic: SmartCard Your credentials could not be verified.
    | thread-index: AcWS8NBdE7zkFJxjQEGHcnjnwW7CFA==
    | X-WBNR-Posting-Host: 212.47.74.62
    | From: =?Utf-8?B?UGF1bCBNY2tlbm5h?= <>
    | References: <>
    <>
    <>
    | Subject: RE: SmartCard Your credentials could not be verified.
    | Date: Wed, 27 Jul 2005 14:19:03 -0700
    | Lines: 111
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 8bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    | Newsgroups: microsoft.public.windows.server.general
    | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
    | Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.general:43497
    | X-Tomcat-NG: microsoft.public.windows.server.general
    |
    | Hi again,
    |
    | It's all working now i remove the KDC certificate on the server then
    | requested a new one and all seems ok.
    |
    | Thanks
    | Paul
    |
    | "Paul Mckenna" wrote:
    |
    | > Hi,
    | > Thanks for your email.
    | > This error happens on all client PCs, Smartcard login works fine on the
    | > server itself.
    | > I'm not using using any third party certificates.
    | > I just can't work out why my client PC s think the server certificate
    is
    | > invalid.
    | > If i type: Certuirl -scinfo on one of the client PCs everything looks
    fine.
    | >
    | > Regards
    | > Paul Mckenna
    | >
    | >
    | > "Jason Tan (MSFT)" wrote:
    | >
    | > > Hi Paul,
    | > >
    | > > Thanks for posting!
    | > >
    | > > Please help me know if all the clients encountered this issue£®
    | > >
    | > > Based on my research, I would like to suggest you refer to the
    following
    | > > article to enable smart card:
    | > >
    | > > 281245 Guidelines for enabling smart card logon with third-party
    | > > certification
    | > > http://support.microsoft.com/?id=281245
    | > >
    | > > Additionally, I would like to suggest you try the following article
    to
    | > > resolve the issue.
    | > > 329433 A Revoked Certificate Is Selected If a Certification Authority
    in
    | > > the Chain Has Two Certificates
    | > > http://support.microsoft.com/default.aspx?scid=kb;en-us;329433
    | > >
    | > > Hope the information helps. If there is anything that is unclear,
    please
    | > > feel free to let me know.
    | > >
    | > > Thanks & Regards,
    | > >
    | > > Jason Tan
    | > >
    | > > Microsoft Online Partner Support
    | > > Get Secure! - www.microsoft.com/security
    | > >
    | > > =====================================================
    | > >
    | > > When responding to posts, please "Reply to Group" via your newsreader
    so
    | > > that others may learn and benefit from your issue.
    | > >
    | > > =====================================================
    | > > This posting is provided "AS IS" with no warranties, and confers no
    rights.
    | > >
    | > >
    | > >
    | > > --------------------
    | > > | Thread-Topic: SmartCard Your credentials could not be verified.
    | > > | thread-index: AcWSEmsX/nBa3wY3Qqacrl2Rq3RLWA==
    | > > | X-WBNR-Posting-Host: 212.47.74.62
    | > > | From: =?Utf-8?B?UGF1bCBNY2tlbm5h?= <>
    | > > | Subject: SmartCard Your credentials could not be verified.
    | > > | Date: Tue, 26 Jul 2005 11:47:05 -0700
    | > > | Lines: 16
    | > > | Message-ID: <>
    | > > | MIME-Version: 1.0
    | > > | Content-Type: text/plain;
    | > > | charset="Utf-8"
    | > > | Content-Transfer-Encoding: 7bit
    | > > | X-Newsreader: Microsoft CDO for Windows 2000
    | > > | Content-Class: urn:content-classes:message
    | > > | Importance: normal
    | > > | Priority: normal
    | > > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    | > > | Newsgroups: microsoft.public.windows.server.general
    | > > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    | > > | Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
    | > > | Xref: TK2MSFTNGXA01.phx.gbl
    microsoft.public.windows.server.general:43371
    | > > | X-Tomcat-NG: microsoft.public.windows.server.general
    | > > |
    | > > | Howdy People,
    | > > |
    | > > | Can someone point me in the right direction i'm trying to setup
    smartcard
    | > > | login but i keep getting the error message "Your credentials could
    not be
    | > > | verified. "
    | > > | In the event log of the client PC i get "The client has failed to
    | > > validate
    | > > | the Domain Controller certificate for %servername% . The error data
    | > > contains
    | > > | the information returned from the certificate validation process.
    | > > Contact
    | > > | your system administrator to determine why the Domain Controller
    | > > certificate
    | > > | is invalid."
    | > > | How do i find out why the cert is invalid?
    | > > |
    | > > | Thanks in advance for any help.
    | > > |
    | > > | Regards
    | > > | Paul Mckenna
    | > > |
    | > >
    | > >
    |
     
    Jason Tan, Jul 28, 2005
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.