Symptoms
Smart card logon fails with error You cannot use a smart card to log on because smart card logon is not supported for your user account, which possibly indicates your domain controller does not have a valid certificate.
Solution
Follow these steps to request a new certificate:
- Log in to the domain controller
- Open the Run prompt and run
mmc(if prompted to elevate permissions, select Yes) - Click File > Add / Remove Snap-In...
- Select Certificates and click Add >
- Select Computer account and click Next
- Select Local computer and click Finish
- Click OK
- In the tree view on the left, navigate to Certificates (Local Computer) > Personal > Certificates
- Click Action > All Tasks > Request New Certificate…
- Click Next
- Select Domain Controller Authentication and click Next
- Click Finish