Fingerprint sign-in not working

Harry 1 Reputation point
2022-05-06T02:18:48.217+00:00

I have deployed a policy from Intune to enable Biometric Login.
However, after setting up my Fingerprint on my Windows 10 device I am not getting a sign-in option using Fingerprint after shut down and re-boot. It shows only password option for sign-in.

When I login using password, and go to Sign-in options in Settings, the fingerprint setup is wiped off and it asks me for a fresh setup.

Event Viewer shows:
Windows Hello for Business provisioning will not be launched.
Device is AAD joined ( AADJ or DJ++ ): Not Tested
User has logged on with AAD credentials: No
Windows Hello for Business policy is enabled: Not Tested
Windows Hello for Business post-logon provisioning is enabled: Not Tested
Local computer meets Windows hello for business hardware requirements: Not Tested
User is not connected to the machine via Remote Desktop: Yes
User certificate for on premise auth policy is enabled: Not Tested
Machine is governed by none policy.
Cloud trust for on premise auth policy is enabled: Not Tested
User account has Cloud TGT: Not Tested


2 answers

  1. Crystal-MSFT 42,631 Reputation points Microsoft Vendor
    2022-05-06T07:17:17.577+00:00

    @Harry, for our issue, firstly, please ensure the fingerprint sensor requirements are met on our devices.
    https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise#where-is-windows-hello-data-stored

    Then try to enable Windows Hello fingerprint login on the affected device manually to see if it can work.

    For the error in Event Viewer, it can be generated when no AAD user is logged on to the device. After the policy is assigned to the device group, we can log on one user to sync and get the policy, and go to Settings > Accounts > Sign-in Options to set the fingerprint. Then restart the device to see if it can work.

    However, if it still fails, please collect the following information to clarify:

    1. How did we configure the configuration policy? Is it under Identity Protection? Could you get a screenshot of the detailed configuration?
    2. Please check the "Device status" to see if the policy is applied successfully.
    3. Please check if the policy is assigned to device group.

    Please try the above suggestion and if there's anything unclear, feel free to let us know.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
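
The prerequisite list in the question's Event Viewer output can be triaged mechanically. This is an added example, not part of either answer or of Microsoft's tooling: it parses the event text as pasted in the question (embedded below as sample input) and separates the check that returned "No" from the ones reported "Not Tested". The function names are hypothetical, and treating "Not Tested" as "not evaluated" is an assumption.

```python
import re

# Sample input: the event text as pasted in the question (not read from a live log).
EVENT_TEXT = """\
Windows Hello for Business provisioning will not be launched.
Device is AAD joined ( AADJ or DJ++ ): Not Tested
User has logged on with AAD credentials: No
Windows Hello for Business policy is enabled: Not Tested
Windows Hello for Business post-logon provisioning is enabled: Not Tested
Local computer meets Windows hello for business hardware requirements: Not Tested
User is not connected to the machine via Remote Desktop: Yes
User certificate for on premise auth policy is enabled: Not Tested
Machine is governed by none policy.
Cloud trust for on premise auth policy is enabled: Not Tested
User account has Cloud TGT: Not Tested
"""

# A check line is "<description>: Yes|No|Not Tested"; anything else is a free-text note.
CHECK_RE = re.compile(r"^(?P<name>.+?):\s*(?P<result>Yes|No|Not Tested)\s*$")

def parse_checks(text):
    """Return (checks, notes); checks is an ordered list of (name, result)."""
    checks, notes = [], []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        m = CHECK_RE.match(line)
        if m:
            checks.append((m["name"].strip(), m["result"]))
        else:
            notes.append(line)
    return checks, notes

def triage(text):
    """Group the prerequisite checks by outcome so the blocking one stands out."""
    checks, notes = parse_checks(text)
    return {
        "will_launch": not any("will not be launched" in n for n in notes),
        "failed": [n for n, r in checks if r == "No"],
        "untested": [n for n, r in checks if r == "Not Tested"],
        "passed": [n for n, r in checks if r == "Yes"],
        "notes": notes,
    }

if __name__ == "__main__":
    report = triage(EVENT_TEXT)
    for name in report["failed"]:
        print("BLOCKING:", name)
    print(len(report["untested"]), "checks not tested")
```

On the question's output the only "No" is the AAD credentials check, which matches the explanation in the answer above.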


  2. Sebastian Cerazy 306 Reputation points
    2023-03-18T17:49:10.1833333+00:00

    It is total insanity!

    I have the same maddening issue with Hello for Business

    Enroll (setup) fingerprint on Azure AD/Intune machine

    It works if I, i.e., lock the session; it might even work after the first reboot. Then never again. It either does not show as an option, or it shows, accepts the fingerprint, but instantly requests the PIN

    I can delete the fingerprint & set it up again, and the same will happen over & over.

    The same behaviour applies to face recognition. And it is not specific hardware (so far tested on two separate Dell Latitude 7400 2-in-1 & Latitude 7420)

    If I do use either face or fingerprint on a NON Azure/Intune machine (with local login or Microsoft login), it ALWAYS works just fine (also tested on multiple hardware)

    So it is only Azure AD/Intune devices

    The policies are correct (otherwise it would never allow to login)

    Seb
