Welcome to the TechMe Show where you learn the basics to the extreme in technologyIn this video we learn how to bring back the Group Policy Editor gpedit. Windows Hello is the biometric authentication feature that helps strengthen authentication and helps to guard against potential spoofing through fingerprint matching and facial recognition.
I want to enable fingerprint login with GPO.
Enable biometrics windows 10 domain. This will allow the domain users to sign in to Windows 10 using Biometrics. In your Server Manager Dashboard click on Tools and on Group Policy Management. Computer Configuration Administrative Templates Windows Components Biometrics Double-Left-Click on Allow domain users to log on using biometrics.
Note that you need the latest Administrative Templates admx for Windows 10 and Windows Server 2016 revision both on your server and client for these group policies to be available get them from Microsot here. Afterwards click on Domain Accounts and set its value to 1. Select the Sign-in Options tab and the fingerprint and PIN unlock options should be enabled.
Ideally adding the DWORD value back to the Windows Registry should resolve the problem. Enable or Disable Domain Users Sign in to Windows 10 Using Biometrics in Local Group Policy 1Press Windows Key R then type gpeditmsc and hit Enter to open Local Group Policy. Select the Enabled option then Left-Click on the Apply button then Left-Click on the OK button.
I installed the Windows 10 1703 Creators ADMX files. First I read that Turn on convenience PIN sign-in from Computerpoliciesadmin templatessystemlogon is REQUIRED. In the navigation pane expand Policies under User Configuration.
It implements 2FAMFA meaning multilayered security that is much more difficult to bypass than protection that hinges solely on a correct username and password combination. Now right click on it and click on Edit. At its core Windows Hello for Business provides a new non-password credential for Windows 10 devices.
Go to the Accounts group of settings. Give it a Name. Right-click the Enable Windows Hello for Business Group Policy object and click Edit.
Advertisement 2Navigate to the following path from the left-hand side pane. You will need to reboot your machine for the settings to take effect. Navigate to Computer Configuration Policies Administrative Templates Windows Components Biometrics.
And then set the name of the newly created DWORD as Domain Accounts. Start the Group Policy Management Console gpmcmsc. Computer Configuration.
Now right click on the right side panel and click on New DWORD 32-bit Value. Creating a new GPO and enabling Biometrics. Double click on the newly created DWORD and set its.
How Windows Hello for Business works and why its better than passwords. Note When Windows 10 first shipped it included Microsoft Passport and Windows Hello which worked together to provide multi-factor authentication. Set the name of this newly created DWORD as Domain Accounts.
From there right click on the right side panel and click on New DWORD 32-bit Value. Steps 1 and 2 of the best answer above along with a restart as directed gives you all the information you need to enable fingerprint sign-in. Do check if theres a new revision at the time of reading though.
Enable or Disable Domain Users to Sign in to Windows 10 using Biometrics using a REG file The downloadable reg files below will add and modify the DWORD value in the registry key below. This seems like a bug but it was done deliberately. Computer Configuration Administrative Templates Windows Components BiometricsAllow Domain users to log on using biometics enabled in GPO local or domain ComputerAdministrative TemplatesSystemLogonTurn on convenience PIN sign-in.
Right-click on an empty space in the right panel and click on New. Now extend your Domain Root until you find the Folder Group Policy Objects. If you want to use fingerprint authentication on your Windows 10 devices enter a PIN – required not optional.
Expand the domain and select the Group Policy Object node in the navigation pane.