ClmAuthAgent Troublehooting

Posted: February 28, 2012 in Uncategorized

CLM is a Smart Card Management suite from Microsoft and a tricky little beasty to configure in any environment other than the trivial one in which the Microsoft documentation is set. The system operates under a number of accounts of which the AuthAgent is one of the most important. Problems here will manifest as an inability to log in after the splash screen. Check the following:-

 

1. It has read on the certificate templates required

2. It has read on the subscriber groups (these are simply any groups you have configured in AD to contain recipients of smart cards)

3. It has read on the LRAs (these are simply any groups you have configured in AD to contain issuers of smart cards)

4. It has read on the connection point.

5. it has read/write on Profile Templates

6. It is a member of the Windows Authorisation Access Group (If AD was created without Permissions compatible with pre-Windows 2000 servers)

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s