I want to allow my Windows 10 1909 (Hyper-V VM) to be able to use PIN for sign ins.
I have created a non-administrator account and joined my VM during Windows installation to the AAD from the start.
I also configured this for PIN policy in Windows 10 in Azure portal - Intune
I created a group in Intune and put my VM device + User into that.
then I assigned this profile that I created for PIN to that group.
added my administrator user as the group owner.
I've also read this article:
still, in my Windows 10 account settings, there is no sign of PIN. i've waited 2 hours, synced my device from AAD portal and also from Windows settings to receive the latest policies. still nothing.
I'm running out of clues that why this is not working. any ideas?
Thanks in advance
I just remembered to mention this that I have disabled MFA (multi factor authentication) and also self service password reset. my user has no phone number associated to his account, that's how I wanted it to be, but could it be the reason the PIN is not working?
I've also enabled Windows hello for business in Intune
Okay so I figured out what the problem was.
as I said I was using a VM in Hyper-V, it was in Enhanced session mode, meaning it was connecting to the VM using RDP protocol which is better and more scalable in screen resolution, but that also was preventing Windows Hello for Business to work.
so with Enhanced session mode in Hyper-V, my Windows 10 settings page looked like this:
and in basic session mode, it looks like this:
so that's it, very simple thing that kept me up all night figuring out what I was doing wrong..hope this will help anyone else stuck in the same situation.
