Article Number
000014243
Applies To
RSA Product Set: SecurID
RSA Product/Service Type: Authentication Client (RAC)
RSA Version/Condition: 3.5.x
Issue
- Microsoft Windows 7 desktop will not lock when the RSA SecurID SID800 token is removed from the USB drive.
- Customer requires that the computer lock when the end user unplugs the SID800 token from the computer.
- Even with a corresponding GPO in the Active Directory set, Windows 7 will refuse to lock the computer after the token has been removed from the reader.
Cause
Microsoft chose to create a new system service called
Smart Card Removal Policy and it is set to Manual.
Resolution
Make sure the GPO policy for lock desktop on smart card removal is set and that the Smart card Removal Policy service is enabled and running.
For information on having a desktop lock when the SID800 is removed, see this article on
screen lock timeout Group Policy.