30 September,16 at 03:30 PM
Applies to: All versions of Centrify DirectControl using smart cards
Question:
AD users are able to authenticate and login with their PIV cards. When the certificate is renewed, the user can no longer login with the PIV card and the login shakes.
How can renewed certificates be re-accepted on the systems?
Answer:
Run the following commands to clear out any cached tokens:
sudo rm -rf /var/db/TokenCache/tokens
sudo mkdir /var/db/TokenCache/tokens
Remove and re-insert the card, the system should re-cache the certificates from the card with the updated information.
See the following KB for other smart card troubleshooting tips: