Windows Hello for Business Disabled within environment but users can still authenticate with it.

Customer environment has WHfB disabled, however when they are running access reports they are seeing a significant number of device joins leveraging WHfB anyway. If these were BYOD devices, where users may have enabled this authentication method themselves, would those credentials then be passed to Azure as a trusted source? I know that once joined to the domain, these user are still being challenged to authenticate for any inside resource access because WHfB is current disabled for the environment. This scenario would explain the reporting, but I want to be sure I'm not missing anything.

· 1

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Givary-MSFT · May 10 at 12:41 PM

@sjstronach

Apologies for the delayed response.

I would need few more details regarding this issue to assist you better.
Please send me an email to 'AzCommunity@microsoft.com' with Sub - Attn: Givary and following details in the email body:
Link to this thread/post
We can connect offline and discuss further on this.