Trust smartcard with third party certificates in windows login phase

Hi everybody,
I have my own PKI which is composed by a root CA (that is kept offline) and an intermediate CA.

My intermediate CA granted several certificates which are stored in user smart cards.
I would like to use such smart cards in the login phase, however I can’t find how to tell UCS server to trust these certificates.

Do you have any suggestion?

Thanks a lot

Mastodon