From c5fe080f8b87a39e655c18d74b2ceb201ebc77cf Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Fri, 14 Feb 2020 19:55:56 +0500 Subject: [PATCH 1/6] Addition of a question I have added a question based on user feedback. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5423 --- .../identity-protection/hello-for-business/hello-faq.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index 07be2bbf3d..17d8ffdc2a 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -50,6 +50,9 @@ It is currently possible to set a convenience PIN on Azure Active Directory Join ## Can I use an external camera when my laptop is closed or docked? No. Windows 10 currently only supports one Windows Hello for Business camera and does not fluidly switch to an external camera when the computer is docked with the lid closed. The product group is aware of this and is investigating this topic further. +## Why is authentication failed after setting up PIN registration? +In hybrid mode a lot sync happened after enrollment for authentication to work. Authentication will only work when the sync between AD Connect server to Azure AD will be completed.This sync depends on the sync time setup for AD Connect server to Azure AD. + ## What is the password-less strategy? Watch Principal Program Manager Karanbir Singh's Ignite 2017 presentation **Microsoft's guide for going password-less**. From b9672d67dc77b862091848e4ab3265ecc8fcb5a1 Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Fri, 14 Feb 2020 22:44:12 +0500 Subject: [PATCH 2/6] Update windows/security/identity-protection/hello-for-business/hello-faq.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../identity-protection/hello-for-business/hello-faq.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index 17d8ffdc2a..d6e5701e6a 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -51,7 +51,7 @@ It is currently possible to set a convenience PIN on Azure Active Directory Join No. Windows 10 currently only supports one Windows Hello for Business camera and does not fluidly switch to an external camera when the computer is docked with the lid closed. The product group is aware of this and is investigating this topic further. ## Why is authentication failed after setting up PIN registration? -In hybrid mode a lot sync happened after enrollment for authentication to work. Authentication will only work when the sync between AD Connect server to Azure AD will be completed.This sync depends on the sync time setup for AD Connect server to Azure AD. +In hybrid mode, a lot of sync happen after enrollment for authentication to work. Authentication will only work when the sync between the AD Connect server to Azure AD is completed. This sync depends on the sync time setup for AD Connect server to Azure AD. ## What is the password-less strategy? Watch Principal Program Manager Karanbir Singh's Ignite 2017 presentation **Microsoft's guide for going password-less**. @@ -169,4 +169,3 @@ Windows Hello for Business can work with any third-party federation servers that ## Does Windows Hello for Business work with Mac and Linux clients? Windows Hello for Business is a feature of Windows 10. At this time, Microsoft is not developing clients for other platforms. However, Microsoft is open to third parties who are interested in moving these platforms away from passwords. Interested third parties can get more information by emailing [whfbfeedback@microsoft.com](mailto:whfbfeedback@microsoft.com?subject=collaboration). - From 069729b22debc4ac7d5da725152fbacdeed800bc Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Fri, 14 Feb 2020 22:44:55 +0500 Subject: [PATCH 3/6] Update windows/security/identity-protection/hello-for-business/hello-faq.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../identity-protection/hello-for-business/hello-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index d6e5701e6a..7708e35410 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -50,7 +50,7 @@ It is currently possible to set a convenience PIN on Azure Active Directory Join ## Can I use an external camera when my laptop is closed or docked? No. Windows 10 currently only supports one Windows Hello for Business camera and does not fluidly switch to an external camera when the computer is docked with the lid closed. The product group is aware of this and is investigating this topic further. -## Why is authentication failed after setting up PIN registration? +## Why does authentication fail after setting up PIN registration? In hybrid mode, a lot of sync happen after enrollment for authentication to work. Authentication will only work when the sync between the AD Connect server to Azure AD is completed. This sync depends on the sync time setup for AD Connect server to Azure AD. ## What is the password-less strategy? From cf625df02cfbae95f3a397bdbd2639086e1ec4fe Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Tue, 18 Feb 2020 11:05:21 +0500 Subject: [PATCH 4/6] Update windows/security/identity-protection/hello-for-business/hello-faq.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../identity-protection/hello-for-business/hello-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index 7708e35410..1afd73f1bc 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -51,7 +51,7 @@ It is currently possible to set a convenience PIN on Azure Active Directory Join No. Windows 10 currently only supports one Windows Hello for Business camera and does not fluidly switch to an external camera when the computer is docked with the lid closed. The product group is aware of this and is investigating this topic further. ## Why does authentication fail after setting up PIN registration? -In hybrid mode, a lot of sync happen after enrollment for authentication to work. Authentication will only work when the sync between the AD Connect server to Azure AD is completed. This sync depends on the sync time setup for AD Connect server to Azure AD. +In hybrid mode, a lot of sync happens after enrollment for authentication to work. Authentication will only work when the sync between the AD Connect server to Azure AD is completed. This sync depends on the sync time setup for AD Connect server to Azure AD. ## What is the password-less strategy? Watch Principal Program Manager Karanbir Singh's Ignite 2017 presentation **Microsoft's guide for going password-less**. From 4f92b35f8ceade74e97d8d3e0083e0b3764d919f Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Thu, 27 Feb 2020 14:32:36 +0500 Subject: [PATCH 5/6] Update windows/security/identity-protection/hello-for-business/hello-faq.md Co-Authored-By: mapalko --- .../identity-protection/hello-for-business/hello-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index 1afd73f1bc..33caafa78f 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -50,7 +50,7 @@ It is currently possible to set a convenience PIN on Azure Active Directory Join ## Can I use an external camera when my laptop is closed or docked? No. Windows 10 currently only supports one Windows Hello for Business camera and does not fluidly switch to an external camera when the computer is docked with the lid closed. The product group is aware of this and is investigating this topic further. -## Why does authentication fail after setting up PIN registration? +## Why does authentication fail immediately after provisioning Hybrid Key Trust? In hybrid mode, a lot of sync happens after enrollment for authentication to work. Authentication will only work when the sync between the AD Connect server to Azure AD is completed. This sync depends on the sync time setup for AD Connect server to Azure AD. ## What is the password-less strategy? From b8737350970352e8d264cb7828fef6fe4c65c1d7 Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Thu, 27 Feb 2020 14:32:48 +0500 Subject: [PATCH 6/6] Update windows/security/identity-protection/hello-for-business/hello-faq.md Co-Authored-By: mapalko --- .../identity-protection/hello-for-business/hello-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index 33caafa78f..7d47fb49d1 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -51,7 +51,7 @@ It is currently possible to set a convenience PIN on Azure Active Directory Join No. Windows 10 currently only supports one Windows Hello for Business camera and does not fluidly switch to an external camera when the computer is docked with the lid closed. The product group is aware of this and is investigating this topic further. ## Why does authentication fail immediately after provisioning Hybrid Key Trust? -In hybrid mode, a lot of sync happens after enrollment for authentication to work. Authentication will only work when the sync between the AD Connect server to Azure AD is completed. This sync depends on the sync time setup for AD Connect server to Azure AD. +In a hybrid deployment, a user's public key must sync from Azure AD to AD before it can be used to authenticate against a domain controller. This sync is handled by Azure AD Connect and will occur during a normal sync cycle. ## What is the password-less strategy? Watch Principal Program Manager Karanbir Singh's Ignite 2017 presentation **Microsoft's guide for going password-less**.