Has anyone successfully implemented drive encryption with smart cards?
I am receiving an error that it is not a suitable card.
I am only doing this on a test user account. I have followed the instructions on setting up the policy assignment rules. I have my test user set up to use the common access card /PKI Smart card(we are using HID crescendo C1150s). I have tried resetting the token, trying another card, applying for a new certificate but I am still receiving "not a suitable card). I have checked and the C1150 is supported according to the KB. I went to the queries and reports and ran the DE: Users query and enabled my test account for UBP enforcement. Under server settings, for drive encryption, the activedirectory usercertificate field is correct and I verified through AD that there is a value. I submitted a ticket a few months ago to McAfee and it came back after troubleshooting that it is not supported. I already have activclient installed on the computer and I can log into the operating system fine with the card.
What version of Drive Encryption have you tried? What make/model of computer are you using? And are you using the built-in card reader of the laptop, or are you using an external reader? If you are using an external reader, what is the make/model of the reader? https://kc.mcafee.com/corporate/index?page=content&id=KB79788
Also, make sure the correct token type is selected in the DE User based policy. Looks like it should be "Common Access Card PKI Smart Card."
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.