User prompted for smart card PIN when SecureLogin loads

  • 7011578
  • 04-Jan-2013
  • 04-Jan-2013

Environment

NetIQ SecureLogin
NSL7.0.3
Active Directory mode
Integrated with smart card

Situation

User receives extra login prompt after logging in with Smart Card
User prompted for Smart Card Pin when SecureLogin loads
User gets extra authentication prompt with SecureLogin installed and integrated with smart card
Unexpected prompt for PIN :                                             
 

Resolution

Edit the registry to point SecureLogin's secondary data store to "FILE" instead of  "Smart Card"
 
Change  HKEY_LOCAL_MACHINE\SOFTWARE\Protocom\SecureLogin\Security
SecondaryStore    string value = SmartCard
 
to  HKEY_LOCAL_MACHINE\SOFTWARE\Protocom\SecureLogin\Security
SecondaryStore    string value = FILE
 

Status

Reported to Engineering

Additional Information

When the prompt appears it makes no difference whether the user enters the pin or selects cancel.  SecureLogin loads either way, and shows the primary data store as AD and the Secondary data store as the local cache file, as shown:
 
The registry however, shows the secondary data store as SmartCard, not as the local cache file shown in the "about" dialog.  Note that this smart card was not configured to store NSL data.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.