[SmartcardServices-Users] Next Gen SmartCard Help (Gemalto 144)

Bill Thursby thursby at thursby.com
Thu Jun 24 06:24:42 PDT 2010 

Good morning Kevin,

If they are running Leopard with Active Directory single sign-on, then they
are probably running our ADmitMac for CAC product.  The Army certified this
and included it in their AGM (Golden Master).

The MacOSforge beta for the CAC-NG is not compatible.  If your are running
our product, we have our own tokend update that supports all DoD smart cards
(including the NG 144 cards).  Simply contact our support group with your
serial number and they can get you the newer tokend software.
(support at thursby.com)

Best regards,
   Bill Thursby

On 6/23/10 3:13 PM, "Mills, Kevin S CTR USAF AFMC 46 SK/SKI"
<Kevin.Mills.ctr at Eglin.af.mil> wrote:

> Afternoon all,
>  
> We recently moved from the older Common Access Cards (CAC) to the Next Gen
> Gemalto 144k CAC.  I am not sure how the network admins had it configured
> before, but they had used some way of logging into the Mac by mapping the Unix
> hash to the Active Directory.  Like I said they had no idea what they were
> doing.  They followed some post they found on Google.
>  
> That way has crashed and burned since we moved to the NG CAC.  We are no
> longer able to log in with the CAC and it will not communicate with any of the
> web servers using SSL and that are CAC enabled.  We get the following error:
>  
>                 ³The website <WEBSITE ADDRESS> did not accept the certificate
> <CERTIFICATE NAME>²
>  
> No matter what certificate we select it displays this error with the list of
> certificates that are on the card.
>  
> We do have the CAC-NG package installed.  We have Leopard 10.5.8 installed and
> the CAC-NG package associated with that version installed as well.
>  
> When we open the Keychain Access app the Smart Card will show up as CACNG
> instead of CAC and it does allow us to unlock the CAC and view the certs that
> are on the card.  The certs even display as being verified.
>  
> We are wondering if there is an official Mac document on what needs to be done
> to get this working on Leopard 10.5.8.  The network admins are dragging their
> feet and grumble, grumble, grumble when we tell them to contact someone at
> apple who does this for a living.  All other branches of the Federal
> Government and Military who are using Macs have them CAC enabled without any
> problems (they even talk to the Active Directory).  Im wondering if they just
> messed things up when they ³locked down² the computers to put them on the
> network.
>  
> Any help is greatly appreciated.
>  
> Thanks, 
>  
> Kevin Mills
> 46 SK/SKI
> TYBRIN Corp.
>  
> 
> 
> _______________________________________________
> SmartcardServices-Users mailing list
> SmartcardServices-Users at lists.macosforge.org
> http://lists.macosforge.org/mailman/listinfo.cgi/smartcardservices-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/smartcardservices-users/attachments/20100624/1c4581b3/attachment.html>

More information about the SmartcardServices-Users mailing list