Device Lock without Passcode

Stuart King · ‎03-26-2018

Hi All

We have a client who wishes to have the Windows Hello for Business / Device Passcode / PIN feature turned OFF and just use their AD credentials on the device.

Is it possible to still have the device lock after a period of inactivity?

Info greatly appreciated.

Stuart

Oliver Kieselbach · ‎03-27-2018

Hi Stuart

what you are looking for is available in the Device Restriction Policy in Intune:

best,

Oliver

Stuart King · ‎03-27-2018

Hi Buddy

When the Password (which we don't want) Device Restriction setting is set to Not Configured, the Maximum minutes of inactivity until screen locks setting is greyed out!

Stuart

Oliver Kieselbach · ‎03-27-2018

Hi,

you wrote ...and just use their AD credentials on the device. So I thought you don't want WHfB but AD Creds are used to logon :-). In that case you could enforce Password and the inactivity timeout...

What are you trying to achieve exactly? No WHfB and AAD Creds without Password?

best,

Oliver

Stuart King · ‎03-27-2018

Hi There

Yep, sounds silly, I know but that's what they want:

No WHfB
No PIN / Passcode on the device
User signs in with current AD creds (synced to Azure AD)

Stuart

Oliver Kieselbach · ‎03-27-2018

Sorry for asking again. You write user signs in with current AD creds (synced to AAD). This is normal business username/password and no WHfB which means no Pin/Passcode/Bio, therefore you can enforce the password policy imho?! AD creds are username and password.
Maybe I‘m totally not getting the point but I think you are doing the normal way of logon which allows this policy.
Sorry if I start the discussion again.

Best,
Oliver

Device Lock without Passcode

Device Lock without Passcode

Re: Device Lock without Passcode

Re: Device Lock without Passcode

Re: Device Lock without Passcode

Re: Device Lock without Passcode

Re: Device Lock without Passcode