When enabled, lockdown mode on the ESXi host increases the security of the host and limits access to the DCUI. Lockdown mode might disable the smart card authentication feature.
In normal lockdown mode, only users on the Exception Users list with administrator privileges can access the DCUI. Exception users are host local users or Active Directory users with permissions defined locally for the ESXi host. If you want to use smart card authentication in normal lockdown mode, you must add users to the Exception Users list from the vSphere Web Client. These users do not lose their permissions when the host enters normal lockdown mode and can log in to the DCUI. For more information, see Specify Lockdown Mode Exception Users.
In strict lockdown mode, the DCUI service is stopped. As a result, you cannot access the host by using smart card authentication.