In a Windows 2008-based domain that is using the Active Directory directory service, you enable a client computer to use smart card authentication to log on to the domain. However, when you try to log on to the domain from a Windows Vista-based or a Windows Server 2008-based client computer, the logon process may fail, and you may receive the following error message:
No valid certificates found
Check that the card is inserted
This issue occurs if the smart card certificate does not contain Microsoft Extended Key Usage (EKU).