My name is Martin Nyberg and I've been working as a Microsoft consultant with focus on cloud services since 2011. The solution is to download the YubiKey Manager and disabling the PIV interface in the settings. This doensn’t cause any issues but it may be a bit confusing to some users. With the default configuration a YubiKey will show up as both a security key and smart card on the Windows 10 sign in screen. Preventing the Yubikey from appearing as a smart card This doesn’t appear to be the case, in my experience both are required. ![]() When following the Microsoft documentation I assumed the section “Enable targeted Intune deployment” was an alternative to “Enable credential provider via Intune”. The next day the option to sign in using a FIDO2 key was nowhere to be found. I followed the instructions under “ Enable security keys for Windows sign in” -> “Enable credential provider via Intune” and allowed some time for the changes to replicate. Account with managed authentication (no ADFS).And from what I could tell the pre-requisites were met: According to Micosoft the following steps needed to be performed. The goal of the deployment however was to be able to sign in to my Windows 10 machine. In a matter of minutes I could sign in to Azure AD using my Yubikey and Microsoft Edge. The process of enabling combined registration alongside the FIDO2 authentication mehtod didn’t cause any problems. Recently I’ve been testing out FIDO2-based passwordless sign-in for Azure AD.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |