Dear Ladies and Gentlemen,
I have tested a lot of things and can't get rid of the issue.
In the first phase our user accounts weren't synchronized with Azure AD (now they are, thanks to Microsoft).
In the second phase our servers didn't get the right infrastructure, so we changed all devices to Server 2022 and to domain level Server 2016 because it's a requirement.
In Azure AD I have also joined computers, but I cannot find any Group Policy on my server like the one described here:
https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.CredentialProviders::AllowSecurityKeySignIn&Language=de-de. So it's actually not possible to allow the devices to log in with a security stick.
What I want to do: I want to have SSO for Windows clients via FIDO2 authentication.
The same login must be used with Office.
Can somebody help me?