Forum Discussion
Windows Hello for Business 0x80090010 NTE_PERM
Hi all,
I'm encountering an issue with Windows Hello for Business on the latest version of Windows (July 2025 update). The setup process fails during initialisation, and no biometric or PIN options are being provisioned for the user.
Environment:
- Windows version: 11 24H2 Enterprise (latest update)
- Deployment mode: Hybrid Cloud Trust
- Hybrid joined devices
Symptoms:
- Users are prompted to set up WHfB but the process fails at the last step with error 0x80090010
- Users who already have WHfB authentication methods created can successfully login
- Event ID 311 & 303 in the User Device Registration logs
Screenshots:
|
|
Troubleshooting so far:
- Unjoined and rejoined to Entra ID
- Granted modify permissions on folder in which NGC container would be created
- Rolled back to June 2025 update (this worked)
So it seems like this is caused or related to the latest Windows Update, which is rather unfortunate for us as we are just beginning to rollout WHfB for our organisation. I'm posting here to raise awareness of the issue, if there is a more appropriate place to post then please suggest.
18 Replies
Not sure if it's the proper way to fix it yet or not, but this did resolve it for me on a test device.
Even though we’ve had Passport for Work enabled via Intune policy (and it’s been working flawlessly for a while) I manually set the following registry key on the device — and it worked:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork]
"Enabled"=dword:00000001Thanks that has worked soon as added about and rebooted set face and pin fine all good on reboot
on options to sign in.Been a pain with new builds not being able to set them sine July update
Thank you, it has made the error disapear. However, after the PIN is set, this sign-in option now has a message 'This option is currently unavailable' and you have to you the password to sign-in.
Thanks, I will give that a try. I've also just realised that I cannot recreate this issue inside a virtual machine, so I am wondering if this problem could be hardware specific.
We also have this problem!!!! Same errors.
We are seeing this as well on new deployments. At first rolling back was successful. The last few we've deployed we could not roll back the update, it was not an option. I've also tried applying the Preview CU released a few days ago. No success.
I have acquaintances who got this issue on their new devices.
They applied the 3rd work-around (rolling back) and it worked (one device is untested on yet, but they confirmed the first two no longer having issue).
Thank you, LaurieWe are also seeing this happen on new devices.
