Smart card reader problem

[Guest]

I am working with a Smart card reader which works fine in the XP
Professional, however when i run the diagnostic utility in the embedded image
for the limited users it displays "Resource manager" disabled. It works fine
for the users with admin previleges.
Behaviour is same in Xp Pro emulation also.
I want to know whether it is a component dependency or any group policy
settings



Thanks in advance,

 

[KM]

Nyquist,

Are you sure you are able to get to the Resource Manager page on XP Pro
under limitted user account?

Btw, in general, XP Pro Emulation won't help you with GPs since it will pick
up the default one (installed from an INF).

KM

 

[Guest]

KM,
I am sure it is working for limited user account in xp pro. The Status
of the resource manager in my diagonistic utility indicates "ok and running"
under xp pro, however the status is "disabled" under XPE and XP Pro
emulation. Whether it will a GPs problem or any component dependency or ? :-(

 

[KM]

Nyquist,

I am sorry, I misread your original post. I thought you're referring to the Resource page in a driver properties dialog of Device
Manager.

You are, however, talking about your own diagnostic tool that I have no knowledge of.

I'd recommend you run the diagnostic app through DEpendencyWalker (Profiling) and then, if no answer found, monitor its launch with
tools like Regmonand Filemon. Then you may be able to figure out the missing peices (files/registry).

KM

 

[Guest]

KM,
I have found the problem, it is with the ScardSvr.exe service. The
following registry key is not present under the service parameters
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCardSvr\Security]
"Security" ......
this registry key is present in SmartCard Subsystem, but i didn't find this
key in my pre-FBA image eventhough adding the component in my configuration.
I don't know why this key is not present in my pre-FBA image :-(

How to run debugging softwares like regmon & filemon for Limited user
accounts, access is denied for these accounts. Is there any GP's to enable
the permission for those accounts
In have set the permissions to "everyone" for Debug Programs and Load &
Unload device drivers in the GP under User Rights Assignment, however it is
not working

Thanks in advance,

 

[KM]

Nyquist,

I have found the problem, it is with the ScardSvr.exe service. The
following registry key is not present under the service parameters
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCardSvr\Security]
"Security" ......
this registry key is present in SmartCard Subsystem, but i didn't find this
key in my pre-FBA image eventhough adding the component in my configuration.
I don't know why this key is not present in my pre-FBA image :-(

Do you have "Smart card Subsystem" component included in your image?

How to run debugging softwares like regmon & filemon for Limited user
accounts, access is denied for these accounts.

Run them under Limited user account but with Admin priviledges with a tool like 'runas'.
Also, you can use "at" command to launch the software under Local System account (don't forget to put /interactive switch).

KM

 

[Guest]

KM,
If i manually add that registry key, scardsvr service is running for
limited user accounts and my smart card diagnostic tool is working
properly(Smart card sub system component is present in my configuration).

My question is , that registry key is present in the SP1 pre-FBA image and
it is working fine in SP1 image.
However that registry key is not present in the SP2 image, whether this
registry key is present in your SP2 image or its a SP2 bug.

With Regards

 

[KM]

Nyquist,

You are correct. The \SCardSvr\Security subkey was removed from SP2 version of the component. I just verified that.

Basically the key is there for the following revisions:
Smart card Subsystem [Version 5.1.2600.1106, R1507], [Visibility=200]
Smart card Subsystem [Version 5.1.2600, R620], [Visibility=200]


But it is missing from:
Smart card Subsystem [Version 5.1.2600.2180, R2890], [Visibility=200]

I don't know what was the reason why Micrsoft removed the key (maybe it was a fix for some other bug(s)).
I didn't have a chance yet to test this with SP2. But seems like you already did and found the missing peice

I may only guess that it has been done in SP2 to restrict limited user accounts more. But I regret there is not much info about it
on MSDN.

KM