Microsoft Remote Desktop for Mac not working with IDEMIA PIV

 Dec 18 2021

I transitioned from an Oberthur PIV to an IDEMIA PIV back in November 2020, and the IDEMIA PIV has not worked with any of the Mac client versions released in the last year (including the current 10.7.3 version). My new IDEMIA PIV works with ssh, Chrome and Safari, and the command-line rdesktop client.

 

The system_profiler SPSmartCardsDataType command shows my PIV in its reader:

Readers:

     #01: Alcor Micro AU9560 (ATR:{length = 17, bytes = 0x3bd6970081b1fe451f878031c152411a2b})

Reader Drivers:

     #01: org.debian.alioth.pcsclite.smartcardccid:1.4.32 (/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle)

Tokend Drivers:

SmartCard Drivers:

     #01: com.apple.CryptoTokenKit.pivtoken:1.0 (/System/Library/Frameworks/CryptoTokenKit.framework/PlugIns/pivtoken.appex)

 

And its 8 public certs are displayed.

 

As the Microsoft RDP client connects, it shows the "sign-in options" for a few seconds, and I can see a smartcard icon displayed. Clicking on the icon shows "checking status" and then the smartcard disappears. (Reseating the PIV or inserting another smartcard has no effect after the smartcard icon disappears.)

 

My other YubiKey smartcards work without issue.

 

I don't see any useful logging information. My previous PIV only had 6 certs, and the new one has 8 (four of the 8 are expired). 

As my coworkers with Macs have received their new PIVs over the last year, they have encountered the same problem. I don't see any way to get any logging information out of the client.
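Added example, not part of the original post: a decoder for the ATR shown in the system_profiler output above, following the ISO/IEC 7816-3 layout, so the interface bytes, offered protocols and historical bytes of one card can be compared with those of a card that works. The function names `extract_atr` and `parse_atr` are hypothetical helpers, not part of any Apple or Microsoft tooling.

```python
import re
from functools import reduce
from operator import xor

# Reader line copied from the system_profiler output in the post.
SAMPLE_LINE = ("#01: Alcor Micro AU9560 (ATR:{length = 17, "
               "bytes = 0x3bd6970081b1fe451f878031c152411a2b})")

def extract_atr(line):
    """Return the ATR bytes from a system_profiler reader line."""
    m = re.search(r"bytes = 0x((?:[0-9a-fA-F]{2})+)", line)
    if not m:
        raise ValueError("no ATR in line")
    return bytes.fromhex(m.group(1))

def parse_atr(atr):
    """Decode an ISO/IEC 7816-3 ATR (hypothetical helper, not an Apple or Microsoft API)."""
    if len(atr) < 2 or atr[0] not in (0x3B, 0x3F):
        raise ValueError("bad TS byte or ATR too short")
    pos, y, hist_len = 2, atr[1] >> 4, atr[1] & 0x0F   # T0: Y1 | K
    interface, protocols, needs_tck, i = {}, [], False, 1
    while y:
        # Y bits announce which of TAi, TBi, TCi, TDi follow, in that order.
        for bit, name in ((1, "TA"), (2, "TB"), (4, "TC"), (8, "TD")):
            if y & bit:
                if pos >= len(atr):
                    raise ValueError("truncated ATR")
                interface[f"{name}{i}"] = atr[pos]
                pos += 1
        td = interface.get(f"TD{i}")
        if td is None:
            break
        t = td & 0x0F                  # protocol number; 15 = global bytes
        needs_tck = needs_tck or t != 0
        if t != 15 and t not in protocols:
            protocols.append(t)
        y, i = td >> 4, i + 1
    historical = atr[pos:pos + hist_len]
    if len(historical) != hist_len:
        raise ValueError("truncated ATR")
    pos += hist_len
    tck_ok = None                      # TCK is absent when only T=0 is offered
    if needs_tck:
        if pos >= len(atr):
            raise ValueError("missing TCK")
        tck_ok = reduce(xor, atr[1:pos + 1]) == 0   # XOR of T0..TCK must be 0
    return {"convention": "direct" if atr[0] == 0x3B else "inverse",
            "interface": interface, "protocols": protocols or [0],
            "historical": historical.hex(), "tck_ok": tck_ok}
```

Running `parse_atr(extract_atr(line))` on the reader line of each card gives dictionaries that can be compared field by field.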