Windows Vista - Join the domain with your smart card
A Microsoft Employee recently posted an interesting topic about support for domain join with smart card in Windows Vista, here is the story:
After you require smart card interactive logon in your environment, the traditional domain join will not work because you don't have a password. Windows Vista resolves this problem by allowing domain join with smart card. However, this new feature will work only if you have Root CA certifcate on smart card.
Here is how to enroll Root CA cert on smart card:
1. Run "certutil –scroots deploy" from command line to enrollment Root CA cert
2. Run "certutil –scroots view" to verify the cert
Certutil with new scroots switch is a built-in tool in Windows Vista.
After you load Root CA cert, you will be able to select a smart card instead of username/password, and enter the PIN to join a domain.