Verifying smart card configuration
After enabling smart card support, as described in Configuring smart card login, do the following to verify that a smart card is working:
- Verify that the user is enabled for the zone the Mac computer has joined.
On the Windows computer, open Activity Directory Users and Computers or the Access Manager console and view the Centrify Profile for the user. Verify that the user has a profile and is assigned to a role in the zone to which the Mac computer is joined.
On the Mac computer, Click Utilities > Keychain Access.
- Insert the smart card into the reader and the keychain for the smart card certificate appears in the Keychains window, whose name is in the form,
CardProfile-CardNumber, for example,
If the new keychain does not appear, quit and restart Keychain Access.
Double-click the certificate for the user in the right-hand pane, for example, test user 3.
Scroll to find the NT Principal name; for example:
NT Principal Name tuser3@myDomain.com
The NT Principal name in the certificate should match the UPN in Active Directory.