Remote desktop to Windows Server 2022, Client PC can not detect USB Token (Smart Card)

Nguyen Chi Cong 0 Reputation points
2026-05-05T06:34:34.36+00:00

We are using a client PC (Windows 11) to remote desktop to a Windows Server 2022 which is plugged a USB token.

The server can recognize the token if we access via console. But when we do remote desktop from PC client (windows 11) to the server, the PC client can not see any usb token on the remoted server.

Please advise how to detect the USB token on the client PC when do remote desktop to server.

Thank you.

Windows for business | Windows Server | User experience | Remote desktop services and terminal services
0 comments No comments

3 answers

Sort by: Most helpful
  1. VPHAN 38,360 Reputation points Independent Advisor
    2026-05-07T07:14:08.4866667+00:00

    Hi Nguyen Chi Cong,

    How is your issue going? Has it been resolved yet? If it has, please consider accepting the answer as it helps others sharing the same problem benefit too. Thank you :)

    VPHAN

    Was this answer helpful?

    0 comments No comments

  2. VPHAN 38,360 Reputation points Independent Advisor
    2026-05-05T07:14:32.0166667+00:00

    Xin chào Nguyen Chi Cong,

    When a USB token is plugged directly into the server hardware, the Smart Card Resource Manager service restricts access exclusively to the local console session. Because a Remote Desktop connection creates an entirely separate virtual session, the hardware token remains hidden from your client view to prevent unauthorized credential access across different user sessions.

    To resolve this issue, you must reverse the physical location of the hardware token by unpluging the USB token from the Windows Server 2022 machine and plugging it directly into your local Windows 11 client computer.

    Once the device is recognized by your Windows 11 machine, launch the Remote Desktop Connection application by running mstsc.exe from your start menu. Before clicking connect, navigate to the Local Resources tab and click the More button located under the Local devices and resources section. You must ensure the checkboxes for Smart cards and Supported Plug and Play devices are selected. This configuration instructs the Remote Desktop client to securely map your local USB token through the encrypted tunnel directly into your server session.

    If you still can't see the token inside the server session after configuring the client, check the server registry path HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services to ensure the fDisableSmartcard value is not present or set to 1, as that specific group policy completely blocks redirection.

    Hope this answer brought you some useful information. If it did, please hit “accept answer”. Should you have any questions, feel free to leave a comment.

    VP

    Was this answer helpful?

    0 comments No comments

  3. AI answer

    2026-05-05T06:34:50.12+00:00

    Smart card and USB token redirection over Remote Desktop depends on RemoteFX/USB redirection and smart card redirection support between the client and the server. When the device is only visible in a console session but not in an RDP session, the usual cause is that the device type is not enabled for RemoteFX USB redirection.

    To make the USB token (treated as a USB device) available in the RDP session from the Windows 11 client to Windows Server 2022, enable RemoteFX USB redirection for the device type on the client side by using the registry override mechanism:

    1. On the Windows 11 client, remove any existing USB storage devices if required by policy.
    2. Ensure Group Policy does not block installation of the USB device type that needs to be redirected.
    3. Identify the correct interface class GUID for the USB token’s device type. For storage‑type devices, examples are:
      • Hard Drive: {53F56307-B6BF-11D0-94F2-00A0C91EFB8B}
      • CD-ROM: {53F56308-B6BF-11D0-94F2-00A0C91EFB8B} For other device classes, use the list of system‑defined device interface classes in the “System-Defined Device Interface Classes” documentation.
    4. On the client PC, add the GUID under this registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbSelectDeviceByInterfaces
      • Value type: REG_SZ
      • Value name: any unique string (for example, 100)
      • Value data: the interface class GUID in the form {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
      Example command (run in an elevated Command Prompt) for a CD‑ROM‑type device:
         reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbSelectDeviceByInterfaces" /v 100 /t REG_SZ /d {53f56308-b6bf-11d0-94f2-00a0c91efb8b} /f
      
    5. Close and restart Remote Desktop Connection on the client.
    6. In the Remote Desktop Connection UI (or RDP file using usbdevicestoredirect:s:), select the device under Other supported RemoteFX USB devices so it is redirected into the session.

    After these steps, the USB token should appear inside the remote session as a redirected USB device, allowing the application on Windows Server 2022 to see and use it.

    Note: Editing the registry incorrectly can cause serious problems. Back up the registry before making changes and restore it if any issue occurs.


    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.