I am trying to get the microsoft supplicant to work with machine certificates and smart cards. I have the supplicant configure via the registry settings as AuthMode set to 1 and SupplicantMode set to 3. The AuthMode setting of 1 authenticates first by using the machine certificate, which works fine, and then forces another re-authentication with user credentials. This is the part that doesn't work. When the users gets the GINA screen (ctl/alt/del) and enters the user credentials the PC never responds to the EAP Identity Request that is generated by the switch. From the debugs that I am running I never see a response from the PC. It's as if the certificate can not be read from the smart card, or maybe the mechanism where you are prompted to enter a pin isn't support in this mode. Does anyone have any experience with this? I've been told that other third party supplicants will work, but that will require an added expense and would prefer getting the MS supplicant to work instead. Any suggestions?