Hi
I'm looking for additional information on working with smartcards in
order to authenticate with NT-based OSes (specifically Win2k, XP
upwards).
I'm aware of the PCSC standard for which there is an API built into
Windows 2000 onwards to access smartcards and their readers, however
I'm yet to find a suitable reader, card and driver combination that
actually works.
Specifically I'm wanting to achieve the following tasks:
1. PREFERABLY (but will consider other options if needed) - be
compatible with the standard DELL smartcard keyboard reader (since we
have these all over the office).
2. Be able to program a smartcard to authenticate a Windows user at
logon (card and PIN style) - preferably Windows natively (i.e.
certificate services + 3rd party software).
3. Have the above solution be compatible with an Active Directory
domain (We're not trying to authenticate local logins here).
4. Have the above solution not be limited to under 50 users.
5. Preferably not have to install software on every client (unless
absolutely necessary).
6. Drivers should be PCSC compliant (so we can use the Windows API to
read the smartcard from in-house developed software) or, if not PCSC
compliant, have a decent SDK to work with.
Here's what I do know:
1. DELL have been no help whatsoever. They offer one piece of
software "OtaniumSuite PKI Software" which it seems near impossible to
find anything about.
Even with the above software - their sales dept. couldn't get hold of
any more than a couple of cards and had no idea where to get more.
2. We've looked at GEMPLUS readers and cards. They do have PCSC
drivers, but in order to get them to work you have to install software
on every client.
The software has a great feature in that it replaces the W2k and XP
GINA login, CTRL+ALT+DEL screens etc - and you can configure the text
and graphics yourself (which is cool).
Although the above software had some nice features, it was useless for
AD authentication as it a) simply memorized your CURRENT password in
the card and asked for a PIN to unlock and b) wasn't very stable and
caused machines to blue screen about once a day.
GEMPLUS support offer no software updates or upgrades, and when called
(from within Europe) seemed eager to help as long as you speak French.
(Enough said...)
3. There are a lot of companies out there who are eager to "consult"
with you, charge you half your annual turnover and install and set up
the kit - but that's the only way you can get any information out of
them. We'd prefer a more out-of-the-box solution we can install
ourselves for a hundredth of the price tag.
We are not afraid of paying for a solution that works, and logic
dictates that there must be some companies out there offering software
solutions for small enterprise-level companies to do this. That said,
we don't particularly want to fork out 5-6 figures to get a team of
suits to come to our office and install a couple of CDs we could have
purchased mail order for a lot less...
Any sources of the above solutions (or any other information you may feel
appropriate) would be welcome.
Thanks
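The three things the post asks for from a native setup (a reader that works through the PC/SC API, a card certificate that Windows will accept at logon, and an Active Directory account it maps to) can be checked from the client itself. The script below is an added example and is not the poster's code or any vendor's; it is PowerShell for a current domain-joined Windows client (the Win2k/XP machines in the post predate PowerShell, but the logon requirements it checks are the same ones native smartcard logon has always had). It assumes the RSAT ActiveDirectory module is installed for the AD step, and `$SamAccountName` is a placeholder account name. Reader enumeration goes through `winscard.dll`, the same PC/SC API the post wants to use from in-house software, so a reader that appears here is one the Windows API can drive.

```powershell
# Added example (not from the original post): checks the prerequisites for
# native Windows smartcard logon against an AD domain:
#   1. a PC/SC reader is visible through the Windows WinSCard API,
#   2. a certificate in the user's store carries the Smart Card Logon EKU
#      and a UPN in its Subject Alternative Name (SAN) and has a private key,
#   3. that UPN matches the AD account's userPrincipalName.
# Assumptions: current domain-joined Windows client; RSAT ActiveDirectory
# module present for the AD step; $SamAccountName is a placeholder.

param([string]$SamAccountName = 'jdoe')   # placeholder account name

Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
public static class WinSCard {
    public const uint SCARD_SCOPE_USER = 0;
    public const int  SCARD_E_NO_READERS_AVAILABLE = unchecked((int)0x8010002E);
    [DllImport("winscard.dll")]
    public static extern int SCardEstablishContext(uint dwScope, IntPtr reserved1, IntPtr reserved2, out IntPtr phContext);
    [DllImport("winscard.dll", CharSet = CharSet.Unicode, EntryPoint = "SCardListReadersW")]
    public static extern int SCardListReaders(IntPtr hContext, string mszGroups, char[] mszReaders, ref uint pcchReaders);
    [DllImport("winscard.dll")]
    public static extern int SCardReleaseContext(IntPtr hContext);
}
"@

function Get-PcscReader {
    # Enumerate readers the way in-house software would: via the PC/SC API.
    $ctx = [IntPtr]::Zero
    $rc = [WinSCard]::SCardEstablishContext([WinSCard]::SCARD_SCOPE_USER, [IntPtr]::Zero, [IntPtr]::Zero, [ref]$ctx)
    if ($rc -ne 0) { throw ("SCardEstablishContext failed: 0x{0:X8}" -f $rc) }
    try {
        [uint32]$len = 0
        $rc = [WinSCard]::SCardListReaders($ctx, $null, $null, [ref]$len)   # first call: size only
        if ($rc -eq [WinSCard]::SCARD_E_NO_READERS_AVAILABLE) { return @() }
        if ($rc -ne 0) { throw ("SCardListReaders failed: 0x{0:X8}" -f $rc) }
        $buf = New-Object char[] ([int]$len)
        $rc = [WinSCard]::SCardListReaders($ctx, $null, $buf, [ref]$len)
        if ($rc -ne 0) { throw ("SCardListReaders failed: 0x{0:X8}" -f $rc) }
        # The buffer is a multi-string: names separated by NUL, ending in a double NUL.
        return (-join $buf).Split([char]0) | Where-Object { $_ }
    } finally {
        [void][WinSCard]::SCardReleaseContext($ctx)
    }
}

function Get-SmartcardLogonCertificate {
    # Native smartcard logon needs the Smart Card Logon EKU (1.3.6.1.4.1.311.20.2.2)
    # and a UPN (other name 1.3.6.1.4.1.311.20.2.3) in the SAN extension (2.5.29.17).
    Get-ChildItem Cert:\CurrentUser\My | ForEach-Object {
        $cert = $_
        $eku = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }
        $hasLogonEku = $eku -and ($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq '1.3.6.1.4.1.311.20.2.2' })
        $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
        $upn = $null
        if ($san) {
            # Format() renders the SAN as text such as "Other Name:Principal Name=jdoe@corp.example"
            if ($san.Format($false) -match 'Principal Name=([^,\s]+)') { $upn = $Matches[1] }
        }
        if ($hasLogonEku -and $upn -and $cert.HasPrivateKey) {
            [pscustomobject]@{ Thumbprint = $cert.Thumbprint; Upn = $upn; NotAfter = $cert.NotAfter }
        }
    }
}

function Test-SmartcardLogonReady {
    param([string]$SamAccountName)
    $readers = @(Get-PcscReader)
    $certs   = @(Get-SmartcardLogonCertificate)
    # Windows maps the card to the account through the UPN, so the two must match exactly.
    $user    = Get-ADUser -Identity $SamAccountName -Properties UserPrincipalName, SmartcardLogonRequired
    $match   = $certs | Where-Object { $_.Upn -eq $user.UserPrincipalName }
    [pscustomobject]@{
        Readers           = $readers
        LogonCertificates = $certs.Count
        UpnMatchesAccount = [bool]$match
        SmartcardRequired = [bool]$user.SmartcardLogonRequired
        Ready             = ($readers.Count -gt 0) -and [bool]$match
    }
}

Test-SmartcardLogonReady -SamAccountName $SamAccountName | Format-List
```

Run it as the user whose card is inserted: an empty `Readers` list means the reader's driver is not PC/SC-visible (the Dell keyboard reader problem in the post), zero `LogonCertificates` means the card holds no certificate Windows would accept for logon, and `UpnMatchesAccount` false means the certificate was issued for a different UPN than the AD account, which fails at logon even when everything else is in place.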