Forum Discussion
Logging on to Remote Desktop using Windows Hello for Business & Biometrics
Although late, we have published information around WHfB with RDP :
jurajt Nope, not as far as I know. If it was resolved, and key-trust worked with RDP, I would be chugging margaritas and dancing on tables.
Sadly it still hasn't been fixed, and there is still little information available. I'm engaging Microsoft under our Unified Support to better understand what's happening in this space.
- As of a few weeks ago there wasn't any action and we were speaking with senior engineers. The documentation that states that ADFS is an absolute requirement with key trust is because of our case unfortunately.
Previously there was some gray area where it was thought that AD Connect would be sufficient. Our original thought was that we would go passwordless with Windows hello for business combined with phone sign in for Office 365 Authentication, on the back of multi-factor Authentication width required biometric login.
We actually rolled it out with incredibly positive user feedback. We were heroes. And then RDP bit us in the arse.Clint LechnerThat AAD Connect comment was gold. I was fuzzy too as it seemed no RA was required for the key trust model. Regardless, based on all these comments, the idea that I might be able to get away with the key-trust model seems to be out the window especially since we have a brand new requirement to deploy a single new RDP based PAW (Privileged Access Workstation) that should only be accessed with WHfB credentials. All I can say is I'm lucky all our servers are 2019 and workstations Win 10/1909. Now to build the lab! Krikey!
