Nov 22 2022 08:12 AM - edited Nov 22 2022 08:13 AM
I have activated Windows Hello for Business using an Intune configuration profile. Now that it's activated - how can I use it? It does not appear as sign-in method when I'm prompted with sign-in window.
Nov 24 2022 02:49 AM
Nov 24 2022 04:34 AM
Thank you, @BilalelHadd.
Yes, we are using cloud only Azure AD. WHfB is enabled on the tenant level and using the Endpoint security "Account protection" policy.
Nov 24 2022 04:45 AM
Nov 24 2022 04:53 AM
@BilalelHadd Thank you. I did not set up a PKI infrastructure.
I followed all the steps described here: Windows Hello for Business Deployment Overview | Microsoft Learn and Windows Hello for Business Deployment Prerequisite Overview | Microsoft Learn.
Which information is missing there? Can you point me to those articles and blogs?
Nov 24 2022 04:58 AM
Nov 24 2022 05:33 AM
The link you provided is about "Hybrid cloud Kerberos trust deployment". We are not in a hybrid scenario, nor do we have an Active Directory (on-prem). As mentioned before, the right deployment guide is Azure Active Directory join cloud only deployment | Microsoft Learn.
"When you Azure Active Directory (Azure AD) join a Windows device, the system prompts you to enroll in Windows Hello for Business by default. If you want to use Windows Hello for Business in your cloud-only environment, then there's no additional configuration needed."
Nov 24 2022 06:16 AM
Nov 24 2022 08:25 AM
@BilalelHadd , sure:
What is kind of strange, is that some users in our tenant are missing the Authentication method "Windows Hello for Business" in the User profile in Azure. Is there some way to re-join Azure in order to get the sign-in method?
Nov 25 2022 12:40 AM
Nov 25 2022 01:37 AM
Thank you. I will take a closer look at your recommendation and update the thread.