Bypassing Smart Card Logon using Remote Registry


This VBScript prompts for a computer name or IP address, connects to that system’s registry over the network, and sets the scforceoption value to 0 so that logon is immediately possible without a smart card. A PowerShell GUI version of this script can be found here, and there is also an updated version that works like a PowerShell cmdlet.

Many organizations now require CAC cards or another type of smart card to log on to workstations. A common way to enforce this is the "Interactive logon: Require smart card" group policy setting. When there is a problem with smart card authentication, this setting makes troubleshooting difficult.

'Changes registry key on remote computer to allow logon without CAC card
'Jason Hofferle
'21 June 2007
Option Explicit

Const HKEY_LOCAL_MACHINE = &H80000002
Dim objReg, strComputer, intReturn

strComputer = InputBox("Computer Name or IP Address")

'Trap connection errors here instead of aborting the script
On Error Resume Next
Set objReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
'SetDWORDValue returns 0 on success; a failed write does not always raise Err
intReturn = objReg.SetDWORDValue(HKEY_LOCAL_MACHINE, "SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system", "scforceoption", 0)
If Err.Number <> 0 Or intReturn <> 0 Then
        WScript.Echo "Error changing registry key on " & strComputer
Else
        WScript.Echo "Registry Key changed on " & strComputer
End If

Set objReg = Nothing
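
Because a single remote registry write turns the requirement off, it is worth checking which machines still have it on. The following is an added example, not part of the original script: it reads scforceoption through the same StdRegProv WMI class and reports the state per machine. The function name Get-ScForceOption and its State labels are assumptions made for this example, and remote queries assume WinRM is enabled on the target.

```powershell
# Added example: read-only audit of the scforceoption value.
function Get-ScForceOption {
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline = $true)]
        [string[]]$ComputerName = $env:COMPUTERNAME
    )
    begin {
        $regArgs = @{
            hDefKey     = [uint32]2147483650   # HKEY_LOCAL_MACHINE (&H80000002)
            sSubKeyName = 'SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system'
            sValueName  = 'scforceoption'
        }
    }
    process {
        foreach ($computer in $ComputerName) {
            $call = @{
                Namespace   = 'root\default'
                ClassName   = 'StdRegProv'
                MethodName  = 'GetDWORDValue'
                Arguments   = $regArgs
                ErrorAction = 'Stop'
            }
            # The local machine is queried directly; other machines go over WinRM.
            if ($computer -ne $env:COMPUTERNAME) { $call.ComputerName = $computer }
            $value = $null
            try {
                $result = Invoke-CimMethod @call
                $value  = $result.uValue
                if ($result.ReturnValue -ne 0) { $state = 'NotSet' }       # value missing or unreadable
                elseif ($value -eq 1)          { $state = 'Required' }     # smart card enforced
                else                           { $state = 'NotRequired' }  # what the script above writes
            }
            catch {
                $state = 'Unreachable'
            }
            [pscustomobject]@{
                ComputerName  = $computer
                ScForceOption = $value
                State         = $state
            }
        }
    }
}

# Checks the local machine; pipe in a list of workstation names to audit a fleet,
# then filter on State -ne 'Required' to find machines where enforcement is off.
$env:COMPUTERNAME | Get-ScForceOption
```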