mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 13:27:23 +00:00
Merge pull request #45 from MicrosoftDocs/whfb-staging
Changing owners and some small fixes
This commit is contained in:
Dani Halfin
GitHub
commit
3f6366c461
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -8,8 +8,8 @@ ms.mktglfcycl: explore
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -81,4 +81,4 @@ Sign-in a domain controller or management workstation with domain administrator
|
||||
2. [Validate and Configure Public Key Infrastructure](hello-cert-trust-validate-pki.md)
|
||||
3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-cert-trust-adfs.md)
|
||||
4. [Validate and Deploy Multifactor Authentication Services (MFA)](hello-cert-trust-validate-deploy-mfa.md)
|
||||
5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md)
|
||||
5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -51,4 +51,4 @@ Once you have validated all the requirements, please proceed to [Configure or De
|
||||
2. [Validate and Configure Public Key Infrastructure](hello-cert-trust-validate-pki.md)
|
||||
3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-cert-trust-adfs.md)
|
||||
4. Validate and Deploy Multifactor Authentication Services (MFA) (*You are here*)
|
||||
5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md)
|
||||
5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -30,4 +30,4 @@ Below, you can find all the information you will need to deploy Windows Hello fo
|
||||
2. [Validate and Configure Public Key Infrastructure](hello-cert-trust-validate-pki.md)
|
||||
3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-cert-trust-adfs.md)
|
||||
4. [Validate and Deploy Multifactor Authentication Services (MFA)](hello-cert-trust-validate-deploy-mfa.md)
|
||||
5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md)
|
||||
5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -8,8 +8,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -6,8 +6,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -6,8 +6,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -6,8 +6,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -45,4 +45,4 @@ Provision can occur automatically through the out-of-box-experience (OOBE) on Az
|
||||
|
||||
Authentication using Windows Hello for Business is the goal, and the first step in getting to a passwordless environment. With the device registered, and provisioning complete. Users can sign-in to Windows 10 using biometrics or a PIN. PIN is the most common gesture and is avaiable on most computers and devices. Regardless of the gesture used, authentication occurs using the private portion of the Windows Hello for Business credential. The PIN nor the private portion of the credential are never sent to the identity provider, and the PIN is not stored on the device. It is user provided entropy when performing operations that use the private portion of the credential.
|
||||
|
||||
[How Windows Hello for Business authentication works](hello-how-it-works-authentication.md)
|
||||
[How Windows Hello for Business authentication works](hello-how-it-works-authentication.md)
|
||||
|
||||
@ -6,8 +6,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -6,8 +6,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -41,4 +41,4 @@ Windows Hello for Business is a distributed system that uses several components
|
||||
- [Windows Hello and password changes](hello-and-password-changes.md)
|
||||
- [Windows Hello errors during PIN creation](hello-errors-during-pin-creation.md)
|
||||
- [Event ID 300 - Windows Hello successfully created](hello-event-300.md)
|
||||
- [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md)
|
||||
- [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -145,4 +145,4 @@ Alternatively, you can configure Windows Server 2016 Active Directory Federation
|
||||
3. New Installation Baseline (*You are here*)
|
||||
4. [Configure Azure Device Registration](hello-hybrid-cert-trust-devreg.md)
|
||||
5. [Configure Windows Hello for Business settings](hello-hybrid-cert-whfb-settings.md)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -52,4 +52,4 @@ Regardless of the baseline you choose, you’re next step is to familiarize your
|
||||
3. [New Installation Baseline](hello-hybrid-cert-new-install.md)
|
||||
4. [Device Registration](hello-hybrid-cert-trust-devreg.md)
|
||||
5. [Configure Windows Hello for Business settings](hello-hybrid-cert-whfb-settings.md)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
---
|
||||
---
|
||||
title: Hybrid Windows Hello for Business Provisioning (Windows Hello for Business)
|
||||
description: Provisioning for Hybrid Windows Hello for Business Deployments
|
||||
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, certificate-trust
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -18,7 +18,7 @@ ms.date: 08/19/2018
|
||||
# Hybrid Windows Hello for Business Provisioning
|
||||
|
||||
**Applies to**
|
||||
- Windows 10, version 1703 or later
|
||||
- Windows 10, version 1703 or later
|
||||
- Hybrid deployment
|
||||
- Certificate trust
|
||||
|
||||
@ -65,7 +65,7 @@ After a successful key registration, Windows creates a certificate request using
|
||||
|
||||
The AD FS registration authority verifies the key used in the certificate request matches the key that was previously registered. On a successful match, the AD FS registration authority signs the certificate request using its enrollment agent certificate and sends it to the certificate authority.
|
||||
|
||||
The certificate authority validates the certificate was signed by the registration authority. On successful validation of the signature, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user’s certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user they can use their PIN to sign-in through the Windows Action Center.
|
||||
The certificate authority validates the certificate was signed by the registration authority. On successful validation of the signature, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user’s certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user they can use their PIN to sign-in through the Windows Action Center.
|
||||
|
||||
<br><br>
|
||||
|
||||
@ -77,5 +77,5 @@ The certificate authority validates the certificate was signed by the registrati
|
||||
3. [New Installation Baseline](hello-hybrid-cert-new-install.md)
|
||||
4. [Configure Azure Device Registration](hello-hybrid-cert-trust-devreg.md)
|
||||
5. [Configure Windows Hello for Business policy settings](hello-hybrid-cert-whfb-settings-policy.md)
|
||||
6. Sign-in and Provision(*You are here*)
|
||||
6. Sign-in and Provision(*You are here*)
|
||||
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -78,4 +78,4 @@ Sign-in a domain controller or management workstation with *Domain Admin* equiva
|
||||
3. [New Installation Baseline](hello-hybrid-cert-new-install.md)
|
||||
4. [Configure Azure Device Registration](hello-hybrid-cert-trust-devreg.md)
|
||||
5. Configure Windows Hello for Business settings: Active Directory (*You are here*)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -201,4 +201,4 @@ Users must receive the Windows Hello for Business group policy settings and have
|
||||
3. [New Installation Baseline](hello-hybrid-cert-new-install.md)
|
||||
4. [Configure Azure Device Registration](hello-hybrid-cert-trust-devreg.md)
|
||||
5. Configure Windows Hello for Business policy settings (*You are here*)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -48,4 +48,4 @@ For the most efficient deployment, configure these technologies in order beginni
|
||||
3. [New Installation Baseline](hello-hybrid-cert-new-install.md)
|
||||
4. [Configure Azure Device Registration](hello-hybrid-cert-trust-devreg.md)
|
||||
5. Configure Windows Hello for Business settings (*You are here*)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -43,4 +43,4 @@ Next, you need to synchronizes the on-premises Active Directory with Azure Activ
|
||||
4. Configure Directory Synchronization (*You are here*)
|
||||
5. [Configure Azure Device Registration](hello-hybrid-key-trust-devreg.md)
|
||||
6. [Configure Windows Hello for Business settings](hello-hybrid-key-whfb-settings.md)
|
||||
7. [Sign-in and Provision](hello-hybrid-key-whfb-provision.md)
|
||||
7. [Sign-in and Provision](hello-hybrid-key-whfb-provision.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -50,4 +50,4 @@ You’re next step is to familiarize yourself with the prerequisites needed for
|
||||
4. [Configure Directory Synchronization](hello-hybrid-key-trust-dirsync.md)
|
||||
5. [Configure Azure Device Registration](hello-hybrid-key-trust-devreg.md)
|
||||
6. [Configure Windows Hello for Business settings](hello-hybrid-key-whfb-settings.md)
|
||||
7. [Sign-in and Provision](hello-hybrid-key-whfb-provision.md)
|
||||
7. [Sign-in and Provision](hello-hybrid-key-whfb-provision.md)
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
---
|
||||
---
|
||||
title: Hybrid Windows Hello for Business key trust Provisioning (Windows Hello for Business)
|
||||
description: Provisioning for Hybrid Windows Hello for Business Deployments
|
||||
keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, certificate-trust
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -18,7 +18,7 @@ ms.date: 08/20/2018
|
||||
# Hybrid Windows Hello for Business Provisioning
|
||||
|
||||
**Applies to**
|
||||
- Windows 10, version 1703 or later
|
||||
- Windows 10, version 1703 or later
|
||||
- Hybrid deployment
|
||||
- Key trust
|
||||
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -8,8 +8,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -130,4 +130,4 @@ Users must receive the Windows Hello for Business group policy settings and have
|
||||
2. [Validate and Configure Public Key Infrastructure](hello-cert-trust-validate-pki.md)
|
||||
3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-cert-trust-adfs.md)
|
||||
4. [Validate and Deploy Multifactor Authentication Services (MFA)](hello-cert-trust-validate-deploy-mfa.md)
|
||||
5. Configure Windows Hello for Business Policy settings (*You are here*)
|
||||
5. Configure Windows Hello for Business Policy settings (*You are here*)
|
||||
|
||||
@ -9,7 +9,7 @@ ms.pagetype: security, mobile
|
||||
author: DaniHalfin
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -47,4 +47,4 @@ Sign-in a domain controller or management workstation with _Domain Admin_ equiva
|
||||
2. [Validate and Configure Public Key Infrastructure](hello-key-trust-validate-pki.md)
|
||||
3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-key-trust-adfs.md)
|
||||
4. [Validate and Deploy Multifactor Authentication Services (MFA)](hello-key-trust-validate-deploy-mfa.md)
|
||||
5. [Configure Windows Hello for Business Policy settings](hello-key-trust-policy-settings.md)
|
||||
5. [Configure Windows Hello for Business Policy settings](hello-key-trust-policy-settings.md)
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: conceptual
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -8,8 +8,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
@ -47,4 +47,4 @@ If the user can sign-in with a password, they can reset their PIN by clicking th
|
||||
|
||||
> [!VIDEO https://www.youtube.com/embed/KcVTq8lTlkI]
|
||||
|
||||
For on-premises deployments, devices must be well connected to their on-premises network (domain controllers and/or certificate authority) to reset their PINs. Hybrid customers can on-board their Azure tenant to use the Windows Hello for Business PIN reset service to reset their PINs without access to their corporate network.
|
||||
For on-premises deployments, devices must be well connected to their on-premises network (domain controllers and/or certificate authority) to reset their PINs. Hybrid customers can on-board their Azure tenant to use the Windows Hello for Business PIN reset service to reset their PINs without access to their corporate network.
|
||||
|
||||
@ -7,8 +7,8 @@ ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security, mobile
|
||||
audience: ITPro
|
||||
author: mikestephens-MS
|
||||
ms.author: mstephen
|
||||
author: mapalko
|
||||
ms.author: mapalko
|
||||
manager: dansimp
|
||||
ms.collection: M365-identity-device-management
|
||||
ms.topic: article
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user