If you are experiencing the "You cannot use a smart card to log on because smart card logon is not supported for your user account" error when attempting to log in to your Windows computer using the smart card on the YubiKey, this indicates your domain controller(s) does not have a valid certificate. To resolve this, you can use the steps below request a new certificate.
- Log in to the domain controller.
- Press Win+R to open the Run prompt and run: mmc
- If prompted to elevate permissions, select Yes.
- Click File > Add / Remove Snap-In...
- Select Certificates and click Add >.
- Select Computer account and click Next.
- Select Local computer and click Finish.
- Click OK.
- In the tree view on the left, navigate to Certificates (Local Computer) > Personal > Certificates.
- Click Action > All Tasks > Request New Certificate…
- Click Next.
- Select Domain Controller Authentication and click Next.
- Click Finish.