Introduction to Network Authentication Guides
These Network Authentication guides will help you configure your Windows network domain for smartcard logon using PIV credentials.
There are many useful pages and technical articles available online that include details on configurations and using generic smartcards. The information presented here addresses common questions and configurations specific to the US Federal Government, PIV smartcards, and US federal civilian agency Certification Authorities.
Work with your Network Engineers, Domain Admins, Account Management, and Information Security colleagues to review the information, perform the configurations, and troubleshoot any issues together.
Check the following items before reviewing these network guides and lessons learned:
- Users have PIV credentials and PIV card readers
- You are using Microsoft Active Directory to manage your Windows network
- Domain Controllers are Microsoft 2008 R2 or 2012 or above
- User workstations are joined to your network and are Windows 7, Windows 8, or Windows 10-based
There are five configuration categories to review with your colleagues. All five includes steps that need to be completed and it’s best to review and complete in this order:
- Network Ports and Protocols
- Domain Controllers
- Trust Stores
- Account Linking: Associating PIV credentials with User Accounts
- Group Policies and Enforcement
There are two additional guides with pointers for tuning and using a local certification authority for domain controller certificates:
We want to add additional information for installing online certificate status protocol (OCSP) services, common errors and troubleshooting, and configuring MacOSX and other operating systems.
Submit an Issue to identify information that would be helpful to you, or consider contributing a page to these guides with your lessons learned.