000016392 - How to disable smart card credential provider on Windows 2012?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000016392
Applies ToWindows 2012
RSA Authentication Agent 7.2.1 fro Windows
IssueHow to disable smart card credential provider on Windows 2012?
How to disable default credential provider on Windows 2012?
Customer installed RSA Authnetication Agent 7.2.1 on Windows 2012 server. When the user logs in via RDP, he notices two icons (tiles) one for Smart card and the other for securID. The default icon prompts for Smartcard. The user has to click on back button to see securID icon.
Customer does not want to see the default icon for smart card. Customer would like to see only SecurID icon on log in screen.
Resolution

A. Method 1 (This does not require the RSA Agent to be installed on the machine):
   
    1. Open the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE \Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{8fd7e19c-3bf7-489b-a72c-846ab3678c96}
    2. Verify that the default value is @="Smartcard Credential Provider"
    3. Add the following DWORD value: "Disabled"=dword:00000001


B. Method 2 ( This requires the RSA  Agent to be installed on the machine):


   Create the following  REG_STRING value (everything in red will need to be added by hand):
   [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\RSA Desktop\Credential Provider Filtering\Smartcard Credential Provider]
   "ExcludeProvider"="1"


Note: The Windows Agent installer installs the templates locally so that they can be set simply by invoking gpedit and opening the ?RSA Desktop? folder.

Legacy Article IDa63360

Attachments

    Outcomes