Hi,
We enforce smart card login using GPO on our Windows 7 workstations and are experiencing the same issue described here: http://social.technet.microsoft.com/Forums/scriptcenter/en-US/d2c9347c-cfd6-44a8-8baf-7c5202999177/adsi-setpassword-requests-smart-card-pin?forum=ITCG
in trying to build a password expiration/change HTA interface. Everything is fine in terms of binding to AD (2008 R2) but once the SetPassword is called, the smart card PIN prompt appears. We have found that the prompt even occurs if the user logs
on to the workstation with username/password if the smart card certificates exist in the personal certificate store. Deletion of the certificates from the personal store allows the operation to proceed without a PIN prompt. Is there any other way
to suppress this prompt aside from deleting the certificates from the store? We are using the built-in Windows 7 minidriver so no third party drivers or software are involved. Setting ADS_Secure_Authentication to 1 as recommended in the last post
of the linked thread does not appear to make any difference.
Thx
Josh