Fresh install of Windows 10 build 14393. Domain-joined. Windows Hello, PIN
and Fingerprint are all greyed out
Default Domain Policy includes all 3 Biometrics lines:
Allow domain users to log on using biometrics: Enabled
Allow the use of biometrics: Enabled
Allow users to log on using biometrics: Enabled
With no WMI Filtering
I ran gpedit.msc locally on his laptop, and it shows the same 3 lines
configured as enabled.
After googling, I added this registry entry:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Biometrics\Credential
Provider]
"Domain Accounts"=dword:00000001
On my laptop, the fingerprint works fine, but on the COO's, Windows Hello is
greyed out and at the top it says: some settings are managed by your
organization. But as I said, my organization allows it and it works for me
and several other Win 10 laptops.
COO will not accept his new laptop without a fingerprint. I tried logging in
with a different domain user on that laptop and it is grey there too.
However, a non-domain, local account has access to Hello/Pin/Finger
Any ideas?
Kish
