none
Security baseline conflicts RRS feed

  • Question

  • Hi,

     

    I have a client that isn't ready for Windows Hello so its therefore disabled within an identity protection policy and within Windows enrolment.

    When applying the security baseline, the only configuration options for Windows Hello are enabled and not configured. This creates a policy conflict as the option for enablement within the identify protection policy is set to disabled. If I set this to not configured Windows will by default request Windows Hello configuration during sign in for an enrolled Windows 10 device.

    The same issues applies to the PIN options, these are not truly configurable within the Windows security baseline policy, I cannot set these to not configured and match them with the not configured parameters in the identity protection policy, this therefore causes a conflict. 

     

    Is there a way around this at all?

     

    Thanks

     

    Ben

    Tuesday, October 8, 2019 4:03 PM

All replies