Posted on Jan 28, 2015
SGT Graduate Student
101K
46
47
1
1
0
Image
I know I could have contacted CW3 Michael Danberry privately via inbox but I hope an open forum would resolve this issue not only for me but for whoever else that may have or will experience this.

I have had this issue on my home computer (laptop) now for three days. I can log into AKO with the regular certificate (not the EMAIL one) but when I want to check my email on Enterprise (of course I select the EMAIL certificate), I get the “Please insert a smart card.” Window with the “OK” greyed out.

That leaves me with two button choices; the “Cancel” or “Details >>” button. When I click on the “Details >>” button I get this Smart card status: “A smart card was detected but is not the one required for the current operation. The smart card you are using may be missing required driver software or a required certificate.”

Here are some of the things I have tried already:

- Restart
- Uninstall ActivClient then Reinstall again (restarting at each)
- Install the driver from IOGear then restarting my computer
- Change the CAC reader

My computer is a MS Windows 7 Home Premium; x64-based PC

I can’t get to my emails!! I need to get on it for some very important work! Please Help!
Posted in these groups: Cac story 800 CACAko borderless AKOHelp Help
Avatar feed
Responses: 15
Votes
  • Newest
  • Oldest
  • Votes
CPT Aaron Kletzing
10
10
0
The best way to secure AKO is to make sure no one can ever access it, no matter what. Are you in the Army and eligible to access it? Are you a cyberterrorist trying to hack into it? NEITHER of you gets in. Call it what you want, but that's absolute security. The only person in the world who can conquer AKO's accessibility issues is the same guy who solved the world's largest rubik's cube in 7 hours (video below).
(10)
Comment
(0)
SGT Graduate Student
SGT (Join to see)
>1 y
LTC Yinon Weiss; CPT Aaron Kletzing... What if RallyPoint was a .mil? What is it required a DoD certificate?... Naah Please don't.
(1)
Reply
(0)
CW3 Michael Danberry
CW3 Michael Danberry
>1 y
If you want a CAC enabled on a .mil network you can use MilSuite. I had a person one time ask why I did not put all of my MilitaryCAC information on MilSuite. I simply stated it did not help anyone if they couldn't access it in the first place. I have not heard back from the person. Maybe it was a 'duh' moment for him. :)
(3)
Reply
(0)
Avatar small
MSG Signal Support Systems Specialist
4
4
0
From, https://militarycac.com/EEmail.htm

Solution 37: Your computer still has your certificates from your former CAC and is trying to them instead of your new CAC certificates.
Follow slide 15 in this guide to clear them: https://militarycac.com/files/Making_AKO_work_with_Internet_Explorer_color.pdf


Let me know if that doesn't work, but it should.
(4)
Comment
(0)
SSG Radiology Specialist
SSG (Join to see)
>1 y
Good info... I hope. I have issues with a Windows 8 tablet like this.
(0)
Reply
(0)
MSG Signal Support Systems Specialist
MSG (Join to see)
>1 y
If you search for your specific error message(s) on militarycac.com--well, I haven't found an issue yet that there's no advice or fix for there. I know that CW3 Michael Danberry, has been commended for it, but probably not enough.
(1)
Reply
(0)
SGT Graduate Student
SGT (Join to see)
>1 y
MSG (Join to see): I had the distinct honor to work in the same building with CW3 Michael Danberry. Others mention him as a mythical legend but I am proud to say, I have met “the man, the myth, the legend” personally.
(2)
Reply
(0)
CW3 Michael Danberry
CW3 Michael Danberry
>1 y
Ah geez, you guys are embarrassing me. :) I'm just plain Mike now. :)
(0)
Reply
(0)
Avatar small
CSM David Heidke
3
3
0
I get more errors when logging into my military laptop that are considered OK than I can shake a stick at.

Certificate errors, can't log into instant messenger, approvit doesn't recognize something or other.

It's a cacophony of bad configuration... Must be part of the security.
(3)
Comment
(0)
MSG Signal Support Systems Specialist
MSG (Join to see)
>1 y
One of the big flaws with AGM (Army Golden Master) is that they use it as a one size fits all when it doesn't really fit all the myriad platforms it can be put on. There are ways to fix a lot of it, but they aren't asking me.
(2)
Reply
(0)
CW3 Michael Danberry
CW3 Michael Danberry
>1 y
CSM Heidke, Is this military laptop connected to VPN when you are at home? The instant messenger will only work when on the Army network. You might need to take it back to your IT people to have them reimage it.
(0)
Reply
(0)
COL Vincent Stoneking
COL Vincent Stoneking
>1 y
This reminds me of my most recent TDY... I was working on my DTS in the hotel room. The details have faded in my mind, but I continually had to hop between being connected via VPN to being connected via just internet (NO VPN) to get various parts of the system to work. How did I find out? I vented to another person with more experience that X wasn't working - "Oh yeah, that doesn't work via VPN..." Something about the proxy settings and what DTS expected.

I wish I could remember the details, but it was about 4 hours of wasted effort and a significant emotional event, as I really wanted my flight home scheduled sometime before I was supposed to fly..
(1)
Reply
(0)
Avatar small
Avatar feed
CAC recognized for AKO login but not for Enterprise email certificate?
CPT Intelligence Analyst
2
2
0
Looking for some assistance with a CAC issue of my own.

I recently (last week) became a dual persona CAC holder (i.e. National Guard and Contractor). I went online and activated the PIV for each card, but am now no longer able to login to my AKO email (I can login to the AKO homepage, but cannot login to my email when clicking the email folder, nor directly from the Enterprise email webpage address). I am selecting the right email certificate, but cannot get past the USG Warning and Consent banner.

I get this error message:
"Your session could not be established. The session reference number: xxxxxxx
Access was denied by the access policy. This may be due to a failure to meet access policy requirements. If you are an administrator, please go to Access Policy >> Reports : All Sessions page and look up the session reference number displayed above. To open a new session, please click here."

I called the Enterprise helpdesk and their recommendations (deleting certificates, deleting SSL, and following Military CAC website recommendations) did not correct the issue.

Any assistance to help correct this issue would be GREATLY appreciated!
(2)
Comment
(0)
SGT Graduate Student
SGT (Join to see)
>1 y
This also happened to me. It seems like every S6/G6/J6 are really good at identifying problems but I am still waiting for someone to solve it. Let me know if you got off-line help for this. I will do the same.

Looking at hindsight, I wish I never used my contractor card to login to anything! It's the same DoD number
(0)
Reply
(0)
CPT Battalion Logistics Officer (S4)
CPT (Join to see)
>1 y
Ma'am, I have the SAME problem! I became a dual CAC card holder myself just a few days ago. Please, if you all find out how to get around this, I'm all ears. I'm literally at a stand still with everything I have going on.
(1)
Reply
(0)
SGM Sergeant Major
SGM (Join to see)
>1 y
Ma'am. I get that message when I use safari on my mac but not when I use chrome or firefox. Try those other search engines and see if that works.
(0)
Reply
(0)
SSG Help Desk Technician
SSG (Join to see)
>1 y
Ma'am, you will need to select the PIV Cert to access email. You can identify the PIV because displays the 16 Digit DoD ID number. Make sure you check your certificates in ActivClient that the PIV is displayed. you will also need to make it available to windows by pulling your CAC out. Check Internet options > content > certificates. Again it will display the 16 digit DoD ID #
(0)
Reply
(0)
Avatar small
1px xxx
Suspended Profile
Try removing g active client. Windows 7 and 8 are supposed to be able to run with out. The only thing after that is to tweak your IE options. Make sure you use IE, btw. Not to insult anyone's intelligence.
CW3 Michael Danberry
CW3 Michael Danberry
>1 y
Please keep in mind, the built in Smart Card utility available in Windows 7 & 8 does not cache your PIN. So, webmail will prompt you quite often for your PIN. Army users, you can download ActivClient for free via AKO username / password from links on http://militarycac.com/army.htm Other branches of the military are required to login with their CAC to download the program they need to use their CAC. Please also know, in my early tests of Windows 10, the built in Smart Card utility is gone, and neither 6.2.x.x or 7.0.x.x seem to currently work with it. So, I recommend if you want to use your CAC, do not become an early adopter.
(1)
Reply
(0)
SPC Combat Engineer
SPC (Join to see)
>1 y
Yup, by disabling ActiveX control in my browser I was able to login.
(0)
Reply
(0)
SGT Graduate Student
1
1
0
Edited >1 y ago
I'm glad this post is attracting more help for others. My intentions are met! I can sleep well now.
(1)
Comment
(0)
Avatar small
CW3 Human Intelligence Collection Technician
0
0
0
Since the AKO portal have changed, i cant access my enterprise email
(0)
Comment
(0)
CW3 Human Intelligence Collection Technician
CW3 (Join to see)
>1 y
having problems getting into my enterprise email
(0)
Reply
(0)
Avatar small
SPC Combat Engineer
0
0
0
Sorry that this is an old thread, but I recently started having issues as well. My AKO works marvelously, as does 99.9999% of other .mil and CAC-enabled sites like GKO, ACT, iPERMS, and MyPay. But my Enterprise mail won't even load the disclaimer page. Says "Internet explorer cannot connect to the webpage." Same error on three browsers across three computers (two desktops and a laptop) in my house, although Chrome is more specific with telling me DNS_PROBE_FINISHED_NXDOMAIN. I've tried uninstalling Installroot and reinstalling, deleting old certs, updating Activclient, and everything under the sun, including CW3 Danberry's tutorials on MilitaryCac.com.
"Help me CW3 Kenobi, you're my only hope."
(0)
Comment
(0)
SPC Combat Engineer
SPC (Join to see)
>1 y
Tha's where I'm stuck too. I was going well with my MacBook Pro then I had about set it on fire but instead but a HP on Amazon. Everything was going well then I hit the wall where I can't access the email. Jesus take the wheel and deliver us.
(0)
Reply
(0)
Avatar small
SPC Motor Transport Operator
0
0
0
yeah when I try to acess my webmail it just stays on the loading screen and all my cirts are active had my borther who is an IT guy and he even could not log on to web mail I'm using a personal computer with windows 10.
(0)
Comment
(0)
CW3 Michael Danberry
CW3 Michael Danberry
8 y
Justin, are you using the built in Smart card ability of Windows 10, or ActivID 7.1.0.153? Do you have the DoD certificates installed per http://militarycac.com/dodcerts.htm ? Please fill out my Windows support form at http://militarycac.com/windowsquestions.htm
(1)
Reply
(0)
MAJ Human Resources Officer
MAJ (Join to see)
>1 y
CW3 Danberry, I initially was able to access Army enterprise email with a personal computer. However, after a few weeks, I couldn't access Army enterprise email. After much troubleshooting and consulting with enterprise email technical support on the phone to no avail, I've found the link to the post for ActivID above. I've downloaded it and followed the instructions and it worked. I'm a reservist and it is required to monitor email regularly. When the Army banned the use of personal email accounts to conduct business without an exception to policy, I was stressing when I couldn't access enterprise. You're making the world a better place. Thank you.
(0)
Reply
(0)
Avatar small
SFC Cadet Health Ncoic
0
0
0
So what's the solution when militarycac.com doesn't fix any of your problems logging on or using .mil sites?
(0)
Comment
(0)
SFC Cadet Health Ncoic
SFC (Join to see)
8 y
Thanks!
(0)
Reply
(0)
SFC Cadet Health Ncoic
SFC (Join to see)
8 y
And if that website is blocked on government computers?
(0)
Reply
(0)
CW3 Michael Danberry
CW3 Michael Danberry
8 y
Yes, unfortunately the DoD has decided to block MilitaryCAC.com. I still can't find out why. Luckily for everyone the alias domains still work. So you can use MilitaryCAC.org or MilitaryCAC.us
(0)
Reply
(0)
SFC Cadet Health Ncoic
SFC (Join to see)
8 y
Roger, thanks!
Any idea when we can see a long-term fix rather than a workaround?
(0)
Reply
(0)
Avatar small

Join nearly 2 million former and current members of the US military, just like you.

How are you connected to the military?
  • Active Duty
  • Active Reserve / National Guard
  • Pre-Commission
  • Veteran / Retired
  • Civilian Supporter