Prompted to connect Smart Card when testing LDAPS with LDP.exe

0

I have the following issue. I've created a self-signed certificate in order to connect to LDAP\AD over SSL. When I test it with LDP, I am getting prompted to connect a smart card. After I cancel several times, the connection is established.
The Event Viewer generates the following error:

Log Name:      System
Source:        Schannel
Date:          7/19/2017 12:58:36 PM
Event ID:      36870
Task Category: None
Level:         Error
Keywords:      
User:          SYSTEM
Computer:     XXXXXXXX
Description:
A fatal error occurred when attempting to access the SSL client credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10003.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
    <EventID>36870</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2017-07-19T10:58:36.554301600Z" />
    <EventRecordID>590857</EventRecordID>
    <Correlation />
    <Execution ProcessID="668" ThreadID="2672" />
    <Channel>System</Channel>
    <Computer>XXXXXXXXXX</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="Type">client</Data>
    <Data Name="ErrorCode">0x8009030d</Data>
    <Data Name="ErrorStatus">10003</Data>
  </EventData>
</Event>
windows
active-directory
asked on Server Fault Jul 19, 2017 by Andrey Gerasimov • edited Jun 18, 2020 by Gryu

1 Answer

2

Just had exactly the same issue: Check the personal certificate store of your local user. Most probably there are client authentication certificates in there.

In my case, my laptop had client authentication certificates installed. My RDP client was automatically configured to map the smart card "Local Resource" to my VM in Azure, which caused my local certificates to be copied to my VM. After deselecting the smart card mapping and deleting the certificates from the server, the issue was fixed.

answered on Server Fault May 2, 2018 by Yorick Kuijs
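
One way to carry out the check described in the answer above, as an added example that is not part of the original answer: list the certificates in the current user's Personal store that could be offered as a TLS client credential, then show recent Schannel 36870 events. The function name Get-ClientAuthCandidate is hypothetical, and also flagging certificates with the Smart Card Logon EKU or with no EKU extension goes beyond what the answer states. Run it in the session of the user who starts LDP.exe, because the store is per-user.

```powershell
# Added example: inspect Cert:\CurrentUser\My for client authentication candidates.
$clientAuthOid = '1.3.6.1.5.5.7.3.2'       # Client Authentication EKU
$smartCardOid  = '1.3.6.1.4.1.311.20.2.2'  # Smart Card Logon EKU

function Get-ClientAuthCandidate {
    param([string]$StorePath = 'Cert:\CurrentUser\My')

    foreach ($cert in Get-ChildItem -Path $StorePath) {
        # Collect EKU OIDs from the certificate extensions.
        # Only certificate metadata is read; the private key is never opened.
        $oids = @()
        foreach ($ext in $cert.Extensions) {
            if ($ext -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]) {
                foreach ($oid in $ext.EnhancedKeyUsages) { $oids += $oid.Value }
            }
        }

        # A certificate without an EKU extension is valid for any purpose,
        # so it is reported as a candidate too (assumption of this example).
        $noEku = ($oids.Count -eq 0)
        if ($noEku -or ($oids -contains $clientAuthOid) -or ($oids -contains $smartCardOid)) {
            [pscustomobject]@{
                Subject        = $cert.Subject
                Issuer         = $cert.Issuer
                Thumbprint     = $cert.Thumbprint
                NotAfter       = $cert.NotAfter
                HasPrivateKey  = $cert.HasPrivateKey
                SmartCardLogon = ($oids -contains $smartCardOid)
                NoEkuExtension = $noEku
            }
        }
    }
}

# Candidates in the store of the user running this session.
Get-ClientAuthCandidate | Format-List

# Most recent Schannel errors matching the event shown in the question.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; ProviderName = 'Schannel'; Id = 36870 } `
    -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message
```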

User contributions licensed under CC BY-SA 3.0