Greetings all,

I'm attempting to get smart card logins to work on my 10.6, 10.7, and 10.8 clients attached to a 10.6.8 Server with Open Directory. All users have a network account, and we've been directed to engage smart card logins and deny username/password logins.

I can get the local login to work using a combination of smartcardservices from MacOSforge and Thursby's Pkard, but I have not been able to get it to work with a directory account. Yoann Gini has a great set of instructions and a modified sc_auth which I tried. The sc_auth does put the smart card's hash into the Open Directory account's Authentication Authority, but I still can't get the login window to ask for a PIN if the account is on the directory.

Any ideas? Clues? Step by step instructions?

Thank you,
John
John:

Regarding the Thursby mention — for network/domain single-sign-on AD with CAC/PIV, Thursby does not recommend PKard for Mac, instead ADmitMac PKI. ADmitMac PKI we launched back with 10.4, at the request of Apple and the US Army.

We build, support and guarantee solutions in the US on OS X and iOS all the way to OS X 10.8 and iOS 6, as well as developer previews under beta. It’s a different use case / market need than Open Source Software / self-build / self-certify / self-support.

Regards,
Simon @ Thursby

On Aug 29, 2013, at 4:06 PM, John Daly <john.l.daly@navy.mil> wrote:

Greetings all, I'm attempting to get smart card logins to work on my 10.6, 10.7, and 10.8 clients attached to a 10.6.8 Server with Open Directory. All users have a network account, and we've been directed to engage smart card logins and deny username/password logins. I can get the local login to work using a combination of smartcardservices from MacOSforge and Thursby's Pkard, but I have not been able to get it to work with a directory account. Yoann Gini has a great set of instructions and a modified sc_auth which I tried. The sc_auth does put the smart card's hash into the Open Directory account's Authentication Authority, but I still can't get the login window to ask for a PIN if the account is on the directory. Any ideas? Clues? Step by step instructions? Thank you, John
Hi John,

On 29 August 2013 at 23:06, John Daly <john.l.daly@navy.mil> wrote:
I can get the local login to work using a combination of smartcardservices from MacOSforge and Thursby's Pkard, but I have not been able to get it to work with a directory account. Yoann Gini has a great set of instructions and a modified sc_auth which I tried. The sc_auth does put the smart card's hash into the Open Directory account's Authentication Authority, but I still can't get the login window to ask for a PIN if the account is on the directory.
For information, my sc_auth update should now be in the trunk source code of SmartCardServices.
Any ideas? Clues? Step by step instructions?
Did you check your system log when you insert your smartcard at the login window? Be careful: my article was written for 10.7. It should work for 10.8 too, but for 10.6 you have to make some other changes in the authorization file (and in this case, the documentation is available on the Apple KB).
Participants (3): John Daly, Simon Hartley, Yoann Gini