JR900
Copper Contributor
May 26, 2021

Azure AD Joined Hello for Business and NPS Radius Authentication

Hi guys,

 

I am starting to roll out the Windows VPN client using L2TP to our computers which are a mixture of Hybrid Joined and Azure AD joined.

 

All computers in the business have got Windows Hello for Business and this works well. 

 

The issue I am having is for the Azure AD joined machines only signing in with biometrics. They are unable to connect to the VPN successfully when they use the '-UseWinlogonCredential' switch.

 

This is not an issue with Hybrid Joined machines signing in with biometrics. 

I am struggling to find a solution to this problem, so for the interim those machines are simply prompting the user for their username and password which gets accepted.

 

I suspect it's a certificate issue for Azure AD joined machines only but not too sure how to configure the NPS to allow these through. 

 

Any advice is greatly appreciated!

3 Replies

  • Zach Eisenhauer
    Copper Contributor
    I also am having this issue - been digging through documentation and still can't find a solution. Anyone find any hits or anyone from Pernille-Eskebo have a solution?
  • martinrh
    Copper Contributor

    JR900 Did you ever figure something out here? I'm struggling with a similar problem and I'm not having much luck in my search for answers so far.

    • JR900
      Copper Contributor

      martinrh Unfortunately not.

       

      I decided to go down a different route to semi-get around this issue. It would have been nice to have it fully implemented, but without much resource out there and limited time, I wasn't able to implement it.
