Require Smart Card Login

Use this group policy to require all users to log in with a smart card. When this policy is enabled, no users can log in to the machine simply with a user name and password.

The Enable smart card support policy must be enabled in order for this policy to take effect. After you enable this policy, it does not go into effect until you join the computer to the domain (if not already joined) and reboot the computer.

If you don’t want to require smart card login for all users, you can use the Active Directory account option to require smart card login for a specific user. For example:

• In Active Directory Users and Computers select the user’s account and open the Properties.

• Click the Account tab, scroll down the list of Account options and select the Smart card is required for interactive logon option.