en-US citrix user

Smart card authentication

Citrix Workspace App

Supported on: All Citrix Workspace supported platforms

Description

Use this policy to control how the client uses smart cards attached to the client device. When enabled, this policy allows the remote server to access smart cards attached to the client device for authentication and other purposes. When disabled, the server cannot access smart cards attached to the client device. Troubleshooting: When using smart cards in a Citrix environment, the smart card device driver must be installed on the server. When using a different operating system on the client machine, it may be necessary to ensure that the smart card device drivers in use interoperate correctly.

Registry

HKCU Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Virtual Channels\Smartcard

Value name: SmartCardAllowed

Enabled: SmartCardAllowed = *

Disabled: SmartCardAllowed = false

More options available

Options

Allow smart card authentication
SmartCardAllowed boolean - default: 1
Use pass-through authentication for PIN
DisableCtrlAltDel boolean

REG Builder

BETA

Configure the state and elements to generate .reg, PowerShell, Intune, and SCCM outputs.

These exports replicate the policy's registry effect. Editing the registry directly is not the same as applying the GPO through the management console (no gpupdate, no central reporting). Test before production; HKLM changes require administrator rights.

.reg file

Windows Registry Editor Version 5.00

; Exported from gporais.com
; Policy: Smart card authentication
; State: Enabled
; Supported on: All Citrix Workspace supported platforms

[HKEY_CURRENT_USER\Software\Policies\Citrix\ICA Client\Engine\Lockdown Profiles\All Regions\Lockdown\Virtual Channels\Smartcard]
"SmartCardAllowed"="*"
"SmartCardAllowed"=dword:00000001
"DisableCtrlAltDel"=dword:00000000