Logging on to Remote Desktop using Windows Hello for Business & Biometrics

Akbar 

the information has been moved here: https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/faq#can-i-use-rdp-vdi-with-windows-hello-for-business-cloud-kerberos-trust

but basically it's says this (for future, if the link/content moves again)-

but in my opinion this also doesn't means, "this does not work" you've to understand and use it differently, its might just me but it took some time to think about it...

because you can't use WHfB for a "direct" login to RDP, so it doesn't work this way like to enter the username and then use biometrics for password login (this still have some consequences)...

instead you just don't enter a username/password at all, because you use Remote Credential Guard and like do a single-sign-on directly to RDP with your User (with your currently logged in User, though!!!)

for me the biggest problem is that this also don't solves a "PAW-Scenario" where i wouldn't like to have to enter a Admins Password on the Computer... there are ways of storing also a privileged User's WHfB Credential in your normal-Users WHfB container but this comes with some security degradations around the "certificates" that are behind all of them... this is called "Dual enrollment" you can read about this here:  https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/dual-enrollment

i also had some issues in rolling this out correctly, had to mess around with my WHfB containers, remove and recreate my WHfB logins, ended in notworking Windows Hello too, all over all it was a little mess... it then worked at some point but i think its broken again now on my computer...