Multi-factor Unlock

Richard Morris 21 Reputation points
2021-03-13T08:38:18.547+00:00

I'm testing various options for multi-factor unlock (https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock), I'm applying the settings via Microsoft Endpoint and I can't find a great deal of information about troubleshooting trusted signal rules. Applying rules that enable the 2nd factor to be my mobile phone works: OMA-URI - ./Device/Vendor/MSFT/PassportForWork/DeviceUnlock/GroupA Value - {D6886603-9D2F-4EB2-B667-1971041FA96B},{BEC09223-B018-416D-A0AC-523971B639F5},{8AF662BF-65A0-4D0A-A540-A338A999D36F} OMA-URI - ./Device/Vendor/MSFT/PassportForWork/DeviceUnlock/GroupB Value - {D6886603-9D2F-4EB2-B667-1971041FA96B},{27FBDB57-B613-4AF2-9D7E-4FA7A66C21AD} OMA-URI - ./Device/Vendor/MSFT/PassportForWork/DeviceUnlock/Plugins Value - <rule schemaVersion="1.0"><signal type="bluetooth" scenario="Authentication" classOfDevice="512" rssiMin="-10" rssiMaxDelta="-10"/></rule> I can't get the other signal types to work though. I've tried several options including the following for wireless detection and network detection and none have worked although I was connected to a wireless network at the time: OMA-URI - ./Device/Vendor/MSFT/PassportForWork/DeviceUnlock/Plugins Value - <rule schemaVersion="1.0"><signal type="wifi"><ssid>myssid</ssid><security>WPA2-Enterprise</security></signal></rule> OMA-URI - ./Device/Vendor/MSFT/PassportForWork/DeviceUnlock/Plugins Value - <rule schemaVersion="1.0"><signal type="ipConfig"><ipv4DnsServer>192.168.1.2</ipv4DnsServer></signal></rule> I can see what methods were used for authentication in Event Viewer / Application and Services Logs / Microsoft / Windows / Hello for Business / Operational but I can't see how the signal rules were interpreted and why they are failing as a 2nd form of authentication. Where do I start to look at troubleshooting how the trusted signal rules are validated?

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,701 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,767 questions
0 comments
Accepted answer
  1. Teemo Tang 11,351 Reputation points
    2021-03-15T07:37:24.183+00:00

    On Windows 10 forum, we prefer to discussing Windows 10 built-in security features such as Windows Defender, BitLocker. About Microsoft Endpoint or Windows Hello for Business question, I suggest to ask for help from Microsoft Endpoint Manager community
    https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager/ct-p/microsoft-endpoint-manager
    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn.
    Thanks for your understanding and cooperating.

    -------------------------------------------------------------------------------------

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest