Forum Discussion
Solved
Credential Guard
Hello, Kindly need to know if i enable credential guard with or without lock from intune to all users it will cause business disruption? Regards,
- Hi ,
To get complete feature of Credential Guard, you have to enable the below :
1) Secure boot
2) Trusted Platform Module (TPM) min. version 1.2 and above
3) Virtualization based security
There wont be any major impacts on the devices when you enable these options, but on a safer side I would recommend you to test with both existing (already registered) and new device.
Let me know how it goes..
Thanks !
Hello Krishnakumar_M,
If i enable the credential guard without the virtual based protection it will work?
Regards,
Hi ,
To get complete feature of Credential Guard, you have to enable the below :
1) Secure boot
2) Trusted Platform Module (TPM) min. version 1.2 and above
3) Virtualization based security
There wont be any major impacts on the devices when you enable these options, but on a safer side I would recommend you to test with both existing (already registered) and new device.
Let me know how it goes..
Thanks !
To get complete feature of Credential Guard, you have to enable the below :
1) Secure boot
2) Trusted Platform Module (TPM) min. version 1.2 and above
3) Virtualization based security
There wont be any major impacts on the devices when you enable these options, but on a safer side I would recommend you to test with both existing (already registered) and new device.
Let me know how it goes..
Thanks !
- Hello,
Kindly need to know that if i enable credential guard with UEFI lock how i disable it when needed if im supporting clients remotely?
Regards,- Hi,
You can follow the below steps:
Group Policy was used to enable Windows Defender Credential Guard, disable the relevant Group Policy setting. Navigate to Computer Configuration > Administrative Templates > System > Device Guard > Turn on Virtualization Based Security. In the "Credential Guard Configuration" section, set the dropdown value to "Disabled".
Note: If its enabled via Intune through administrative templates, you should see the similar navigation as the above and hence try to disable it.
Thank you,
Krishna- Thanks for your Support but in the definition they told that we need physical presence to do it for the UEFI with lock and remotely for option without lock.