Forum Discussion

JimmyWork's avatar
JimmyWork
Iron Contributor
May 10, 2022

Windows Hello (Failed in logs, shows correctly)

Hi

 

I have created a Identity protection policy.

Checking the profile settings everything says succeeded.

Checking my logs on the device i get.

 

 

 

 

MDM ConfigurationManager: Command failure status. Configuraton Source ID: (4ED2BB8C-C735-44FE-8683-4DD7FCBB4288), Enrollment Type: (MDMDeviceWithAAD), CSP Name: (PassportForWork), Command Type: (Clear: first phase of Delete), CSP URI: (./Vendor/MSFT/PassportForWork/05dc4370-49fa-46a1-8b8b-2dd3063cd475/Policies/UsePassportForWork), Result: (Unknown Win32 Error code: 0x86000002).

MDM ConfigurationManager: Command failure status. Configuraton Source ID: (4ED2BB8C-C735-44FE-8683-4DD7FCBB4288), Enrollment Type: (MDMDeviceWithAAD), CSP Name: (PassportForWork), Command Type: (Clear: first phase of Delete), CSP URI: (./Vendor/MSFT/PassportForWork/05dc4370-49fa-46a1-8b8b-2dd3063cd475/Policies/RequireSecurityDevice), Result: (Unknown Win32 Error code: 0x86000002).

MDM ConfigurationManager: Command failure status. Configuraton Source ID: (4ED2BB8C-C735-44FE-8683-4DD7FCBB4288), Enrollment Type: (MDMDeviceWithAAD), CSP Name: (PassportForWork), Command Type: (Clear: first phase of Delete), CSP URI: (./Vendor/MSFT/PassportForWork/05dc4370-49fa-46a1-8b8b-2dd3063cd475/Policies/PINComplexity/MinimumPINLength), Result: (Unknown Win32 Error code: 0x86000002).

 

 

 

 

Checking the device group policy.

When deploing the device Windows Hello for Bussiness is activated and I use fingerprint and pin.
Not sure whats going on here really, woudl appriciate all the help.

Windows 11 Enterprise

Intune

11 Replies

  • Rudy_Ooms_MVP's avatar
    Rudy_Ooms_MVP
    MVP
    May 10, 2022

    Hi when pushing settings with Intune, those changes doesnt show up in you local gpo but you could find them in the policymanager registry keys.

    I guess the most important question... does it work as expected ? When reading the question it only shows that error in the log? 0x86000002

     

    Also a good question would be if you were running HAADJ or AADJ?

    • JimmyWork's avatar
      JimmyWork
      Iron Contributor
      May 10, 2022
      Thank you for answering, where in the registry can i verify it?
      It seems to be working on the device, I mean i'm using Windows Hello and I was force to make the Windows Hello setup during the enrollment.

      But i can't seem to find the registry, i dont have these in my registry.
      https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.MicrosoftPassportForWork::MSPassport_UsePassportForWork&Language=et-ee
      • Rudy_Ooms_MVP's avatar
        Rudy_Ooms_MVP
        MVP
        May 10, 2022
        Hi,
        Could you check out

        Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Policies\PassportForWork

Resources