Forum Discussion
Dabona
Microsoft
Oct 01, 2021
How to: Enabling MFA for Active Directory Domain Admins with Passwordless Authentication
Administer on premise Active Directory
Using Azure Passwordless Authentication
removing Domain Admins passwords
Hello Guys,
I am here just to...
StefanoC66
Iron Contributor
Mar 10, 2022
Hello,
Trying to implement the GPO as suggested, but the policy "turn on security sign-in key" is not present on a Windows 2016 domain controller.
Dabona
Microsoft
Mar 10, 2022
Hi Stefano, try to update the GPO ADMX templates on the domain by following: https://docs.microsoft.com/en-us/troubleshoot/windows-client/group-policy/create-and-manage-central-store
- StefanoC66
Iron Contributor
Mar 24, 2022
Hello,
I've followed the steps provided but I have some problems.
After creating the GPO to enable the security key login and applying it to the test PC, it doesn't show any additional login providers, only the classic username and password.
The same on a Windows 2016 test server.
Am I missing anything?
- Dabona
Microsoft
Mar 25, 2022
Confirm Hybrid Device Join is working properly. Confirm your Windows 10 version 2004+ PCs are Hybrid Device Joined: dsregcmd /status must report AzurePRT ON. Review other requirements: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-security-key-on-premises
- StefanoC66
Iron Contributor
Mar 25, 2022
After updating the W10 client to the latest feature, I now have the option to select the sign-in via USB.
Still having an issue with the Windows 2016 server though, which is not joining Azure AD.
Thanks
- StefanoC66
Iron Contributor
Mar 24, 2022
Hello, thanks for the reply.
I wonder if it would be possible to use the Microsoft Authenticator instead of the FIDO2 key to authorize users and, moreover, admin accounts.
- Dabona
Microsoft
Mar 25, 2022
StefanoC66 currently the Authenticator app passwordless can be used only for cloud/Azure login, not on-prem.
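
The hybrid-join check from the Mar 25 reply can be scripted. The following is an added example, not code from the thread or from Microsoft: it parses `dsregcmd /status` output, where the relevant fields appear as `DomainJoined`, `AzureAdJoined` and `AzureAdPrt` with `YES`/`NO` values. The function names and the sample output are constructed for illustration.

```powershell
# Added example. Get-DsregState and Test-HybridJoinState are hypothetical names.
function Get-DsregState {
    param([string[]]$Lines)
    $state = @{}
    foreach ($line in $Lines) {
        # dsregcmd prints indented "Name : Value" pairs; split on the first colon.
        # Section banners ("| Device State |", "+-----+") do not match and are skipped.
        if ($line -match '^\s*(\w+)\s*:\s*(.*?)\s*$') {
            $state[$Matches[1]] = $Matches[2]
        }
    }
    $state
}

function Test-HybridJoinState {
    param([hashtable]$State)
    $problems = @()
    # A missing field compares as $null, so it is reported the same way as "NO".
    if ($State['DomainJoined'] -ne 'YES') { $problems += 'Device is not joined to the on-premises domain.' }
    if ($State['AzureAdJoined'] -ne 'YES') { $problems += 'Device is not joined in Azure AD, so it is not hybrid joined.' }
    if ($State['AzureAdPrt'] -ne 'YES') { $problems += 'No Azure AD Primary Refresh Token for the signed-in user.' }
    [pscustomobject]@{
        HybridJoined = ($State['DomainJoined'] -eq 'YES' -and $State['AzureAdJoined'] -eq 'YES')
        HasPrt       = ($State['AzureAdPrt'] -eq 'YES')
        Problems     = $problems
    }
}

# Constructed, shortened sample of dsregcmd /status output: joined, but no PRT yet.
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+
             AzureAdJoined : YES
              DomainJoined : YES
+----------------------------------------------------------------------+
| SSO State                                                            |
+----------------------------------------------------------------------+
                AzureAdPrt : NO
'@ -split "`r?`n"

$result = Test-HybridJoinState (Get-DsregState $sample)
$result | Format-List

# On a real machine, run in the signed-in user's own session (the PRT is per user):
#   Test-HybridJoinState (Get-DsregState (dsregcmd /status))
```

For the sample above the result is `HybridJoined = True`, `HasPrt = False`, with the missing PRT listed under `Problems`.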