question

M2ho65-5300 avatar image
0 Votes"
M2ho65-5300 asked CarlFan-MSFT answered

Server 2019 Fingerprint Sign in

Hi, I apologize if this isn't correct area. I have a problem with a No Domain Server 2019 std (OS Build 17763.1557) and Fingerprint Scan device. I have configured GPO and registry key, installed Windows Biometric Framework and Hallo for Business, but in the Sign-In Options Fingerprint and PIN are disabled (gray). In Device Manager the device is correctly detect (Synaptics WBDI SGX) and working properly. Server and device has been supplied and certified by our official supplier. But don't work...
My configuration:

HKLM\SOFTWARE\Policies\Microsoft\PassportForWork
EnablePinRecovery DWORD 0x00000001
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System
AllowDomainPINLogon DWORD 0x00000001

GPO:
Computer configuration - Administrative Templates - System - Logon
Turn on convenience PIN sign-in: Enabled

Windows Components - Biometrics
Allow the use of biometrics: Enabled
Allow users to logon using biometrics: Enabled
Allow domain users to log on using biometrics: Enabled

Windows Hello For Business
Use a hardware security device: Enabled
Use biometrics: Enabled
Use Windows Hello for Business: Enabled

Result:
In Settings-Account-Sign-in options, it states 'Some settings are managed by your organization'. Fingerpringt, PIN options are greyed out and not accessible. I repeat, the server not registered on the domain but work in a restricted Workgroup. Access enabled only for local users. No RDP enabled.

Any idea for resolving my problem?

Kind regards (and apologize my english)
Maury

windows-serverwindows-server-2019
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

CarlFan-MSFT avatar image
0 Votes"
CarlFan-MSFT answered

Hi,
According to your description, you have checked the GPO and Registry. It would be OK.
"Some settings are managed by your organization" issue always occurred on an domain machine. But it is a No Domain Server 2019, I consider that you could check for update firstly. If you could find any security updates, installing them to check.
Then I can't confirm if it is related to the driver. So please try to update the driver or use an order Fingerprint to check.
Hope this helps and please help to accept as Answer if the response is useful.
Best Regards,
Carl

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

M2ho65-5300 avatar image
0 Votes"
M2ho65-5300 answered

Hi Carl,
thanks for reply.
Yes, the server is not registered on company domain, work in a separated workgroup.

  • All Microsoft patch are installed.

  • The driver are updated, I tried: manufacturer driver, Microsoft catalog driver without result.

  • Microsoft Update does not report driver update for this device,

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

CarlFan-MSFT avatar image
0 Votes"
CarlFan-MSFT answered

Hi Maury,
I'm sorry to see your message when I just came back from vacation.
Thank you for your information.
So I consider that you may need to perform a repair upgrade using the Windows Server 2019 installation to check. Just like WIn10 in the information below.
https://answers.microsoft.com/en-us/windows/forum/windows_10-windows_install/how-to-perform-a-repair-upgrade-using-the-windows/35160fbe-9352-4e70-9887-f40096ec3085
Hope this helps and please help to accept as Answer if the response is useful.
Best Regards,
Carl

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.