Problems when Using Multiple Smart Cards for the Same Account

Applies To: Windows 7, Windows Server 2008 R2

Symptom

You deployed a second smart card for the same user account so that users have a backup smart card if they lose their original smart card. Users cannot log on with the second smart card, or users cannot log on with their original smart card after using the second smart card.

Cause

Because of the way logon information is cached, the certificate for the second smart card must be issued by another issuing certification authority (CA). If a different CA is not used, the last smart card that the user used online is the only smart card that can be used to log on when they are offline.

Resolution

For users to be able to use both smart cards to log on to their computers, you must issue a second CA for the second smart card, and then have your users log on with the second smart card to cache the CA that is issued for it.