This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

Cherry Smart Card-Reader stops working after the RSA Authentication Agent for Windows is installed

Article Number

000033683

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Agent for Windows
RSA Product/Service Type: RSA Authentication Client (RAC)
RSA Version/Condition: 3.6
Platform: Windows
Platform (Other): Cherry Smart Card-Reader
O/S Version: 7 x64

Issue

On newly-imaged workstations and servers with the RSA Authentication Agent for Windows installed, the Cherry Smart Card-Reader stops working after initial login. When the user locks the workstation and attempts to log back in using the card reader, the system hangs. Removing the RSA agent resolves this issue.

This has been tested on a workstation to verify the behavior. Without changing anything, the card reader works without issue. After installing the RSA agent, the card reader works initially and then stops after locking the workstation.  After rebooting the workstation, the user can login using the card reader. After locking the workstation, he cannot.  

Steps to reproduce

The steps below were taken to reproduce the issue:
 
TimeAction/Result
5:45RSA authentication successful.
5:46Lock workstation.  Login with smart card fails.
5:47RSA authentication successful.
5:49Ran RSA agent install and chose Modify.
5:51Locked workstation and smart card login is successful.
5:52Locked workstation and smart card login is successful.
5:53Reboot workstation.
5:56Login with smart card is successful.

It appears that the RSA agent isn't getting fully installed and the subsequent Modify fixes something. The event viewer shows that the RSA agent install completed successfully with status of 0.

Cause

There is conflict between a SID800 registry setting for the old RSA Model 5200C Smart Card Answer-To-Reset (ATR) and the Common Access Card (CAC)* or smart card reader ATR that is manufactured by companies such as ActivIDentity and Cherry.

The ActivIDentity and Cherry cards have the same ATR as the old RSA 5200C smart card. The RSA RAC is trying to connect to this card, causing a conflict between the SID800 and the ActivIDentity or Cherry card and client.

* CAC = Common Access Card, Smart" ID card for active-duty military personnel, selected reserve, DoD civilian employees, and eligible contractor personnel.

Resolution

To resolve the conflict, delete the following registry key :

HKEY_LOCAL_MACHINE\SOFTWARE\RSA\RSA Desktop Common\Smart Card Registry Settings\SmartCards\RSA SecurID 5200C


Make sure to delete only the RSA SecurID 5200C key.

Workaround

Try the reboot commands listed in the Issue section.

 

0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-13 06:53 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.