I have an HTA application that I use to create users in AD. Javascript and ADSI is used.
This is working fine, I can create users, set all desired attributes etc. But if the user that executes the HTA is authenticated using a smart card, it will popup twice asking for smart card pin code. If I type the pin it works fine, likewise it does if
I just click cancel. The thing is, that it is anoying and slows things down. A users with the proper rights, but no smart card, can run the script without anything popping up.
First I bind to the AD and gets the container, then create the user as follows:
objContainer = GetObject("LDAP://" + strContainerDN);
objUser = objContainer.Create("user", "CN=" + strUserID);
objUser.Put("samAccountName", strUserID);
objUser.Put("userPrincipalName", strUserID + "@mydomain.com");
objUser.SetInfo();
Next I set the password:
objUser.SetPassword("xxxxxxxx");
It is the SetPassword method, that results in the popup window.
The Window looks genuine Microsoft. Says Windows Security, Microsoft Smart Card Provider, Please enter your PIN:
And next the the input box there is a smart card tile.
I am loging to a server (2008 R2) using RDP to perform the administration. Using smart cards in remote session have been enabled.
Any ideas why this Windows pops up? Apparently it is not necessary when I can just click cancel.
And any way to prevent it? Other than disabling using smart card in remote session.
Thanks in advance,
Jan Nielsen