Article Number
000016392
Applies To
Windows 2012
RSA Authentication Agent 7.2.1 fro Windows
Issue
How to disable smart card credential provider on Windows 2012?
How to disable default credential provider on Windows 2012?
Customer installed RSA Authnetication Agent 7.2.1 on Windows 2012 server. When the user logs in via RDP, he notices two icons (tiles) one for Smart card and the other for securID. The default icon prompts for Smartcard. The user has to click on back button to see securID icon.
Customer does not want to see the default icon for smart card. Customer would like to see only SecurID icon on log in screen.
Resolution
A. Method 1 (This does not require the RSA Agent to be installed on the machine):
1. Open the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE \Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{8fd7e19c-3bf7-489b-a72c-846ab3678c96}
2. Verify that the default value is @="Smartcard Credential Provider"
3. Add the following DWORD value: "Disabled"=dword:00000001
B. Method 2 ( This requires the RSA Agent to be installed on the machine):
Create the following REG_STRING value (everything in red will need to be added by hand):
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\RSA\RSA Desktop\Credential Provider Filtering\Smartcard Credential Provider]
"ExcludeProvider"="1"
Note: The Windows Agent installer installs the templates locally so that they can be set simply by invoking gpedit and opening the ?RSA Desktop? folder.
