How to disable smart card credential provider on Windows 2012?

3 years ago

Originally Published: 2013-12-13

Article Number

000049434

Applies To

Windows 2012
RSA Authentication Agent 7.2.1 fro Windows

Issue

How to disable smart card credential provider on Windows 2012?
How to disable default credential provider on Windows 2012?
Customer installed RSA Authnetication Agent 7.2.1 on Windows 2012 server. When the user logs in via RDP, he notices two icons (tiles) one for Smart card and the other for securID. The default icon prompts for Smartcard. The user has to click on back button to see securID icon.
Customer does not want to see the default icon for smart card. Customer would like to see only SecurID icon on log in screen.

Resolution

A. Method 1 (This does not require the RSA Agent to be installed on the machine):

    1. Open the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE \Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{8fd7e19c-3bf7-489b-a72c-846ab3678c96}
    2. Verify that the default value is @="Smartcard Credential Provider"
    3. Add the following DWORD value: "Disabled"=dword:00000001

B. Method 2 ( This requires the RSA Agent to be installed on the machine):

   Create the following REG_STRING value (everything in red will need to be added by hand):
   [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\RSA Desktop\Credential Provider Filtering\Smartcard Credential Provider]
   "ExcludeProvider"="1"

Note: The Windows Agent installer installs the templates locally so that they can be set simply by invoking gpedit and opening the ?RSA Desktop? folder.

Don't see what you're looking for?

Related Articles

Trending Articles