Sample Code (Command) - Windows Vista Domain Join with smart card

After you require smart card interactive logon in your environment, the traditional domain join will not work because you don't have a password. Windows Vista resolves this problem by allowing domain join with smart card. However, this new feature will work only if you have Root CA certifcate on smart card.

Here is how to enroll Root CA cert on smart card:

1. Run "certutil –scroots deploy" from command line to enrollment Root CA cert

2. Run "certutil –scroots view" to verify the cert

Certutil with new scroots switch is a built-in tool in Windows Vista.

After you load Root CA cert, you will be able to select a smart card instead of username/password, and enter the PIN to join a domain.