At the end click on Save to apply the changes. This will enable FIOD2 security key support.ħ. Also, select Enable for Use security keys for sign-in Select Enable for Configure Windows Hello for Business. In the new window click on Windows enrollment | Windows Hello for Businessĥ. Search for Intune in the search box and click on it.Ĥ. Log in to Azure Portal as Global Administrator ( )Ģ. It is showing as compliant in the Microsoft Intune portal.Įnable Windows Hello for Business with Intuneīefore we create a device configuration profile, we need to enable Windows Hello for Business with FIDO2 security key support. I already have an Azure AD join device ready for her. In this demo, I am going to use a user called Megan Bowen for testing. Azure AD user account which completed the FIDO2 security key enrolment process – This explained in details via my previous post
I will be using eWBM Goldengate security key G320 (USB-C) in this demo with Surface Pro 7.Ĥ. FIDO2 Security keys – The good people at eWBM provided eWBM Goldengate security key G320 (USB-C) and eWBM Goldengate security key G310 (USB-A) for testing. If it is Hybrid Azure AD joined device at least it should be running Windows 10 Insider Build 18945ģ. Azure AD Join on Hybrid Azure AD joined Windows 10 Devices – If it is Azure AD Join device, it should run at least Windows 10 version 1903. Azure AD and Intune – Make sure you have valid Azure AD and Intune subscription in place.Ģ. In this demo, I am going to demonstrate how we can enable FIDO2 security key sign-in using Azure AD and Microsoft Intune.īefore enabling password-less authentication with FIDO2 security keys, make sure you have,ġ. We also can use FIDO2 security keys to sign-in to Azure AD Joined or Hybrid Azure AD Joined Windows 10 devices. You can access it using Step-by-Step Guide: Azure AD password-less sign-in using FIDO2 Security keys In my previous blog post, I explained how we can use FIDO2 security keys to perform password-less authentication with Azure AD.
0 kommentar(er)
