(179) Microsoft Intune - Fingerprint recognition - Windows Hello for Business

A customer only wanted to setup 'Fingerprint recongition' to be applied to their HP devices only, just required prerequisites must be met:

Operating Systems

• Windows 10 Pro or higher, with the latest build and fully patched

• Windows 11 Pro or higher, with the latest build and fully patched
  

TPM

• Trusted Platform Modul (TPM)

Hardware for Biometric Authentication

• Fingerprint scanner and/or camera for facial recognition

Device Registration

• The devices are managed with Microsoft Intune.

License

• Requires at least Microsoft Intune P1 or higher.

Before setting:

The following 'Settings Catalog' profile that needs to be created is:

• Cloud Kerberos Ticket Retrieval Enabled = Enabled

• Allow Use of Biometrics = True

• Group A = {BEC09223-B018-416D-A0AC-523971B639F5}

• Use Cloud Trust For On Prem Auth = Enabled

• Use Windows Hello For Business (Device) = True

• Require Security Device = true

With the following credential providers:

• Trusted Signal {27FBDB57-B613-4AF2-9D7E-4FA7A66C21AD}

• PIN {D6886603-9D2F-4EB2-B667-1971041FA96B}

• Fingerprint {BEC09223-B018-416D-A0AC-523971B639F5}

• Facial Recognition {8AF662BF-65A0-4D0A-A540-A338A999D36F

Once the policy is deployed, you now have the option where 'Fingerprint recognition (Windows Hello)' is enabled.