From ccd2936470bae0c7bdec504a36e81d37390b0fdc Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 11 Dec 2023 10:32:27 -0500 Subject: [PATCH] Refactor code for improved performance and readability --- .../hello-for-business/rdp-sign-in.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/rdp-sign-in.md b/windows/security/identity-protection/hello-for-business/rdp-sign-in.md index d8eeb1624a..11e88da205 100644 --- a/windows/security/identity-protection/hello-for-business/rdp-sign-in.md +++ b/windows/security/identity-protection/hello-for-business/rdp-sign-in.md @@ -240,11 +240,6 @@ Encryption test passed Once users obtain their certificate, they can RDP to any Windows devices in the same Active Directory forest as the users' Active Directory account by opening the Remote Desktop Client (`mstsc.exe`). When connecting to the remote host, they're prompted to use Windows Hello for Business to unlock the private key of the certificate. -> [!VIDEO https://learn-video.azurefd.net/vod/player?id=b6e1038d-98b5-48dc-8afb-65523d12cfaf] - -> [!NOTE] -> The user must be authorized to connect to the remote server using the Remote Desktop protocol, for example by being a member of the Remote Desktop Users local group on the remote host. - :::row::: :::column span="2"::: **Microsoft Entra joined device** @@ -266,6 +261,13 @@ Once users obtain their certificate, they can RDP to any Windows devices in the :::column-end::: :::row-end::: +Here's a brief video showing the user experience from a Microsoft Entra joined device using fingerprint as unlock factor: + +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=b6e1038d-98b5-48dc-8afb-65523d12cfaf] + +> [!NOTE] +> The user must be authorized to connect to the remote server using the Remote Desktop protocol, for example by being a member of the Remote Desktop Users local group on the remote host. + ## Compatibility While users appreciate the convenience of biometrics, and administrators value the security, you might experience compatibility issues with applications and Windows Hello for Business certificates. In such scenarios, you can deploy a policy setting to revert to the previous behavior for the users needing it.