Oct 31 2022 05:03 PM
Hi,
I set up Windows Admin Center within a domain with 2 domain controller, a certificate authority, a ocsp server, and the wac server itself.
I set up users to be able to log in to the wac server either through rdp or through the web interface.
The rdp access is used to make we can have guarantee the user can 1. log in using user name and password and 2. log in using smart card. We're able to confirm through smart card login via rdp that the user is dynamically given group membership to the smartcard based security group.
Once we have confirmation, we proceeded to log in to the wac through web interface.
Through the web interface, the user is able to log in using user name and password because it belonged to a security group added to gateway users. When we added a smartcard based security group to gateway users, we see that the user logging in with user name and password no longer has access permission.
After this set up we proceeded to log in to wac through the web interface, we're repeated prompted to provide pin for the smartcard, ultimately resulting in 401 error.
Is there some more configuration we need to put in place on wac or on the server wac is on?
Please assist.
Thanks!