Hi,
I am deploying WHfB Cloud Trust in Hybrid Azure AD. I followed the Microsoft Documentation: https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-trust
First I tried using GPO and it works well. I can see the event 358 saying WHfB cloud trust is enabled and the computer got the TGT ticket. Everything works fine.
But then I removed the GPO and tried using Intune. The users are prompted to create the PIN and they are able to log in, but it fails randomly. I checked the event viewer and now event 358 says that Cloud Trust is not enabled and the TGT ticket is "not tested".
Both the configuration profiles in Intune (enablement with OMA-URI and PIN requirements) are applied; the state is "Succeeded" for the computers. Why is Cloud Trust not enabled? I guess everything is OK in AD and on the computer, as when I enable the GPO it works fine and I can see how the secret is stored and read in Azure AD. Thanks
Regards.
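An added diagnostic script for this kind of GPO-versus-Intune mismatch (my own example, not from the post above and not Microsoft's tooling). It reads the latest event 358 entries from the User Device Registration log and extracts the cloud trust and cloud TGT lines, lists which policy source (GPO or MDM) actually wrote `UseCloudTrustForOnPremAuth` on the device, and pulls the TGT fields from `dsregcmd /status`. Assumptions: the event 358 message contains lines starting "Cloud trust" and "Cloud TGT" followed by a colon and a value (the regexes are deliberately loose for that reason), and the MDM registry subpath under `HKLM\SOFTWARE\Microsoft\Policies\PassportForWork` is searched recursively rather than hard-coded because its exact tenant-ID layout is an assumption.

```powershell
# Added example, not from the original post. Run on an affected device.

# Check 1: what event 358 actually reports. Assumption: the message has
# "Cloud trust ...: <value>" and "Cloud TGT ...: <value>" lines.
function Get-WhfbPrereqStatus {
    [CmdletBinding()]
    param(
        [string]$LogName = 'Microsoft-Windows-User Device Registration/Admin',
        [int]$MaxEvents = 3
    )
    $filter = @{ LogName = $LogName; Id = 358 }
    $events = Get-WinEvent -FilterHashtable $filter -MaxEvents $MaxEvents -ErrorAction Stop
    foreach ($evt in $events) {
        $msg   = $evt.Message
        $trust = if ($msg -match '(?im)^\s*Cloud trust[^:\r\n]*:\s*(.+?)\s*$') { $Matches[1] } else { '<line not found>' }
        $tgt   = if ($msg -match '(?im)^\s*Cloud TGT[^:\r\n]*:\s*(.+?)\s*$')   { $Matches[1] } else { '<line not found>' }
        [pscustomobject]@{
            TimeCreated      = $evt.TimeCreated
            CloudTrustPolicy = $trust
            CloudTgt         = $tgt
            # Only "Yes" on both means cloud Kerberos trust actually took effect.
            Healthy          = ($trust -match '^Yes') -and ($tgt -match '^Yes')
        }
    }
}

# Check 2: which policy source delivered the WHfB values. GPO writes under
# HKLM\SOFTWARE\Policies\Microsoft\PassportForWork; the PassportForWork CSP
# (Intune) writes under a tenant-ID keyed subpath of
# HKLM\SOFTWARE\Microsoft\Policies\PassportForWork (exact subpath assumed,
# hence the recursive search by value name).
function Get-WhfbPolicySources {
    $roots = @(
        @{ Source = 'GPO'; Path = 'HKLM:\SOFTWARE\Policies\Microsoft\PassportForWork' },
        @{ Source = 'MDM'; Path = 'HKLM:\SOFTWARE\Microsoft\Policies\PassportForWork' }
    )
    $names = 'Enabled', 'UsePassportForWork', 'UseCloudTrustForOnPremAuth'
    foreach ($r in $roots) {
        if (-not (Test-Path $r.Path)) { continue }
        $keys = @(Get-Item $r.Path) + @(Get-ChildItem $r.Path -Recurse -ErrorAction SilentlyContinue)
        foreach ($k in $keys) {
            foreach ($n in $names) {
                $v = $k.GetValue($n, $null)
                if ($null -ne $v) {
                    [pscustomobject]@{
                        Source = $r.Source
                        Key    = $k.PSPath -replace '^.*::', ''
                        Name   = $n
                        Value  = $v
                    }
                }
            }
        }
    }
}

# Check 3: dsregcmd /status (run in the user's own session, not elevated)
# reports OnPremTgt and CloudTgt under "SSO State".
function Get-DsregSsoState {
    $lines = & dsregcmd.exe /status
    $state = [ordered]@{}
    foreach ($line in $lines) {
        if ($line -match '^\s*(AzureAdJoined|DomainJoined|OnPremTgt|CloudTgt)\s*:\s*(\S+)') {
            $state[$Matches[1]] = $Matches[2]
        }
    }
    [pscustomobject]$state
}

Get-WhfbPrereqStatus  | Format-List
Get-WhfbPolicySources | Format-Table -AutoSize
Get-DsregSsoState
```

The useful comparison is between check 1 and check 2: if event 358 still reports the cloud trust policy as not enabled while Intune shows "Succeeded", the MDM rows tell you whether `UseCloudTrustForOnPremAuth` ever reached the device and under which tenant-ID path, which is the first thing to compare against the values the GPO wrote when it was working. Check 3 confirms from the user session whether an on-premises TGT was actually obtained after sign-in.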