Enable Logons to Domain Accounts Using Biometric Fingerprint Reader and facial recognition

Most of new Windows 10 devices allows you to login using fingerprint or facial recognition, but if your computer is under a domain policy probably you are not able to do this. I was searching for a god way to enable this option for domain end users, first of all I tryed to add a Windows 10 admx template to my domain controllers and then I enabled telemetrichs options on it, but it wasn’t enought, it didn’t work’s. finally I find a key on register where we can enable this option.

  • Run “regedit”
  •  Go to <HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System>
  • Add “DWORD (32 bits)” Key
    • AllowDomainPINLogon  Hexadecimal 1

You can do this creating a new policy and apply to specific OU. (Don’t do this on Default domain policy, it’s much better to create a new one)

Take in mind to apply this new GPO where desired computers are located in your domain

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.