To enroll a smart card certificate on behalf of another user, make sure you have set up the smart card certificate templates on the CA to enable this, and make sure you have enrolled a "Enrollment Agent" certificate to the user that will be doing the enrollment.
Right click the Certificate Current User / Personal / Certificate store, and select "Enroll on behalf of"� from All Tasks / Advanced Operations.
Click through the "Before You Begin"� screen, and, on the "Certificate Enrollment"� screen, click the "Browse.."� button and select the "Enrollment Agent" certificate you have been issued.
On the next page select the smart card enrollment certificate you have duplicated and modified.
Click next and select the user for who you are enrolling the smart card certificate.
Click next. The following dialog may appear asking you to insert the user's smart card.
Enter the PIN.
If the enrollment is successful, the dialog will show the following: