Remove certificates from Microsoft Windows on logoff

Defines if user certificates are removed from Microsoft Windows when users log off.

Enable this feature if you are using a shared Microsoft Windows account and you do not want to see the certificates from all the users using their smart card on this computer, or if this computer is primarily used to issue smart cards for other users.

When this setting is enabled, the smart card must remain inserted during logoff for certificates to be removed from Microsoft Windows properly.

If this setting is not configured or disabled, then certificates are not removed from Microsoft Windows on logoff.

Supported on: At least Windows Vista SP1

Registry PathSOFTWARE\Policies\HID Global\ActivClient\CertificateRegistration
Value NameAutoUnRegOnLogOff
Enabled Value1
Disabled Value0


Administrative Templates (Computers)