Allow signature keys valid for Logon

This policy setting lets you allow signature key-based certificates to be enumerated and available for logon.

If you enable this policy setting then any certificates available on the smart card with a signature only key will be listed on the logon screen.

If you disable or do not configure this policy setting, any available smart card signature key-based certificates will not be listed on the logon screen.

Supported on: At least Windows Vista

Registry Hive	HKEY_LOCAL_MACHINE
Registry Path	SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider
Value Name	AllowSignatureOnlyKeys
Value Type	REG_DWORD
Enabled Value	1
Disabled Value	0

smartcard.admx

Administrative Templates (Computers)

Control Panel
Network
Printers
Start Menu and Taskbar
System
Windows Components

Administrative Templates (Users)

Control Panel
Desktop
Network
Shared Folders
- Allow DFS roots to be published
- Allow shared folders to be published
Start Menu and Taskbar
System
Windows Components
Enable auto-subscription