In Microsoft Windows Server 2003, when you click to select the Smart card is required for interactive logon
check box in the properties of all the user accounts in Active Directory Users and Computers, you expect that users who log on interactively must supply a smart card to log on. However, services and scheduled tasks that use an account to log on also cannot log on if a smart card is not present.
In this scenario, you see events that are similar to the following when you view the Security log in Event Viewer:
Reason: Account currently disabled
User Name: Name_Of_Service_Or_scheduled_Task
Logon Type: 4
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: Computer_Name
This problem can affect client computers that are running Windows Server 2003, Microsoft Windows XP, or Microsoft Windows 2000.
This issue occurs because the Smart card is required for interactive logon
account option applies to all logon types except the network logon type. This option does not apply only to interactive logons.
To work around this issue, click to clear the Smart card is required for interactive logon
check box for the user accounts that services and scheduled tasks use to log on to the network. To do this, follow these steps:
- Start Active Directory Users and Computers.
- Click Users.
- In the right pane, right-click the user account of a service or scheduled task, and then click Properties.
- Click the Account tab, and then in the Account Options list, click to clear the Smart card is required for interactive logon check box.
- Click Apply, and then click OK.
- Repeat steps 3 through 5 for each user account that is used by a service or scheduled task.
Logon types include the following:
- Unlock workstation
Article ID: 889505 - Last Review: October 30, 2006 - Revision: 1.3
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
- Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
- Microsoft Windows XP Professional
- Microsoft Windows 2000 Professional Edition