• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Biometrics Sign-in for Domain Users - Allow in Windows 8.1


Brink

Administrator
Administrator
mvp
Posts
23,623
Biometrics Sign-in for Domain Users - Allow in Windows 8.1
This tutorial will show you how to enable or disable users with a domain account to be able to elevate UAC and sign-in to Windows 8.1 or Windows RT 8.1 with biometrics (ex: fingerprint).
Published by Brink
#1
Category:
ByLine
How to Enable or Disable Biometrics Sign-in for Domain Users in Windows 8.1
Synopsis
This tutorial will show you how to enable or disable users with a domain account to be able to elevate UAC and sign-in to Windows 8.1 or Windows RT 8.1 with biometrics (ex: fingerprint).
How to Enable or Disable Biometrics Sign-in for Domain Users in Windows 8.1

information   Information
Starting in Windows 8.1 and Windows RT 8.1, a fingerprint registration application in PC settings is now included, thereby removing the need for a hardware manufacturer to provide such an application.

Local users (Microsoft and local accounts) are able to sign-in with a fingerprint (biometrics) by default in Windows 8.1 unless disabled.

Domain users will not be able sign-in with a fingerprint (biometrics) by default in Windows 8.1 unless enabled.


This tutorial will show you how to enable or disable users with a domain account to be able to elevate UAC and sign-in to Windows 8.1 or Windows RT 8.1 with biometrics (ex: fingerprint).

You must be signed in as an administrator to be able to do the steps in this tutorial.





OPTION ONE
Enable or Disable Fingerprint Sign-in for Domain Users using a REG File


Note   Note
The .reg files below are for the registry key and value below.

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Biometrics\Credential Provider

Domain Accounts DWORD

0 = Disable Fingerprint for Domain users
1 = Enable Fingerprint for Domain users


1. Do step 2 or 3 below for what you would like to do.​
2. To Disable Fingerprint Sign-in for Domain Users
NOTE: This is the default setting.​
A) Click/tap on the Download button below to download the file below, and go to step 4 below.​
Prevent_Domain_Users_to_Sign-in_using_Biometrics.reg
download
3. To Enable Fingerprint Sign-in for Domain Users
A) Click/tap on the Download button below to download the file below, and go to step 4 below.​
Allow_Domain_Users_to_Sign-in_using_Biometrics.reg
download
4. Save the .reg file to your desktop.​
5. Double click/tap on the downloaded .reg file to merge it.​
6. If prompted, click/tap on Run, Yes (UAC), Yes, and OK.​
7. When finished, you can delete the downloaded .reg file if you like.​






OPTION TWO
Enable or Disable Fingerprint Sign-in for Domain Users in Group Policy

NOTE: This option for using group policy is only available in the Windows 8.1 Pro, Windows RT 8.1 Pro, and Windows 8.1 Enterprise editions.
1. From the Start screen, start typing gpedit.msc, and press Enter when finished.​
NOTE: You could also press Windows+R to open the Run dialog, type gpedit.msc, and click/tap on OK.​
2. If prompted by UAC, then click/tap on Yes.​
3. In the left pane, click/tap on to expand Computer Configuration, Administrative Templates, Windows Components, and open Biometrics. (see screenshot below)​
Biometrics_GPEDIT-1.jpg
4. In the right pane of Biometrics, double click/tap on Allow domain users to log on using biometrics. (see screenshot above)​
5. Do step 6 or 7 below for what you would like to do.​
6. To Disable Fingerprint Sign-in for Domain Users
A) Select (dot) Disabled or Not Configured, click/tap on OK, and go to step 8 below. (see screenshot below step 7A)​
NOTE: Not Configured is the default setting.​
7. To Enable Fingerprint Sign-in for Domain Users
A) Select (dot) Enabled, click/tap on OK, and go to step 8 below. (see screenshot below)​
Biometrics_GPEDIT-4.jpg
8. You can now close the Local Group Policy Editor window if you like.​

That's it,
Shawn


 
Last edited:

My Computer

System One

  • OS
    64-bit Windows 10
    Computer type
    PC/Desktop
    System Manufacturer/Model Number
    Custom self built
    CPU
    Intel i7-8700K OC'd to 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    16 GB (8GBx2) G.SKILL TridentZ DDR4 3200 MHz
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    3 x 27" Asus VE278Q
    Screen Resolution
    1920x1080
    Hard Drives
    250GB Samsung 960 EVO M.2,
    256GB OCZ Vector,
    6TB WD Black WD6001FZWX
    8TB WD MyCloudEX2Ultra NAS
    PSU
    OCZ Series Gold OCZZ1000M 1000W
    Case
    Thermaltake Core P3
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master
    Internet Speed
    1 Gb/s Download and 35 Mb/s Upload
    Browser
    Internet Explorer 11
    Antivirus
    Malwarebyte Anti-Malware Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    Linksys EA9500 router,
    Arris SB8200 cable modem,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Lumia 1520 phone

Brooklyn567

New Member
Power User
Maryland USA

Posts
758
#2
Will this only enter my password or my username AND password, so as not to use the keyboard all?
 

My Computer

System One

  • OS
    Windows 8 & Windows 7 Dual Boot
    Computer type
    Laptop
    System Manufacturer/Model Number
    HP G60
    CPU
    AMD Turion RM-70 Dual Core 2.0 GHZ
    Memory
    3 GB
    Graphics Card(s)
    Nvidia GeForce 8200M G
    Screen Resolution
    1366 x 768
    Mouse
    MS Intellipoint 5 button (love it!)
    Browser
    Chrome and Chromium
    Antivirus
    Avast Free & Malwarebytes

Brink

Administrator
Administrator
mvp
Posts
23,623
#3
Hello David,

No. It will only use your fingerprint as the credential instead of a password. :)
 

My Computer

System One

  • OS
    64-bit Windows 10
    Computer type
    PC/Desktop
    System Manufacturer/Model Number
    Custom self built
    CPU
    Intel i7-8700K OC'd to 5 GHz
    Motherboard
    ASUS ROG Maximus XI Formula Z390
    Memory
    16 GB (8GBx2) G.SKILL TridentZ DDR4 3200 MHz
    Graphics Card(s)
    ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
    Sound Card
    Integrated Digital Audio (S/PDIF)
    Monitor(s) Displays
    3 x 27" Asus VE278Q
    Screen Resolution
    1920x1080
    Hard Drives
    250GB Samsung 960 EVO M.2,
    256GB OCZ Vector,
    6TB WD Black WD6001FZWX
    8TB WD MyCloudEX2Ultra NAS
    PSU
    OCZ Series Gold OCZZ1000M 1000W
    Case
    Thermaltake Core P3
    Cooling
    Corsair Hydro H115i
    Keyboard
    Logitech wireless K800
    Mouse
    Logitech MX Master
    Internet Speed
    1 Gb/s Download and 35 Mb/s Upload
    Browser
    Internet Explorer 11
    Antivirus
    Malwarebyte Anti-Malware Premium
    Other Info
    Logitech Z625 speaker system,
    Logitech BRIO 4K Pro webcam,
    HP Color LaserJet Pro MFP M477fdn,
    Linksys EA9500 router,
    Arris SB8200 cable modem,
    APC SMART-UPS RT 1000 XL - SURT1000XLI,
    Lumia 1520 phone

Users Who Are Viewing This Thread (Users: 0, Guests: 1)