WHFB non destructive PIN

Question

Hello,I've configured Windows Hello for Business and applied the Non-Destructive PIN Reset policy via Intune. However, after resetting the PIN, when I run dscmdreg /status in the User State, it still shows DestructiveOnly. Additionally, Event Viewer logs Event ID 7060 – PIN Recovery Error 0x83750007.Could you please help me troubleshoot this?

rahuljindal-mvp · Answer

I believe to use non destructive pin reset, you need to register additional service principals as well. I covered this briefly in one of my blog posts. Have a read. It may help. https://rahuljindalmyit.blogspot.com/2022/07/pin-recovery-temporary-access-pass-what.html

marietto79 · Answer

Hello,I registered the Microsoft PIN Service and Client applications by following this guide:&nbsp;https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/pin-reset?tabs=intune&nbsp;However the issue is that Windows Hello is unable to generate a key for the PIN reset&nbsp;I hope someone can help me on this errorRegards&nbsp;Mario

mariol79 · Answer

Hello,&nbsp;I registered the Microsoft PIN Reset Service and client applications by following this guide:&nbsp;https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/pin-reset?tabs=intune&nbsp;However, the issue is that Windows Hello is unable to generate a key for the PIN reset.&nbsp;I hope someone can help me with this error.&nbsp;Regards&nbsp;Mario

Forum Discussion

WHFB non destructive PIN

3 Replies

Resources