Windows Hello - not true passwordless for RemoteApp or RDP!!!

Jeffrey Boateng 6 Reputation points
2022-07-25T21:09:06.28+00:00

Hi, I have set Windows Hello & NDES/SECP certificates on my environment for my Azure AD joined devices. The users still use RemoteApps via a VPN to access virtual applications. I am trying to set it up that the users use WIndows Hello to access all on-prem applications.

So far, It authenticates with the biometrics or pin but when the RDP session opens it asks for the users credentials to access the session hosts. Is this the expected behaviour? I tried a normal RDP session to a server using Windows Hello biometrics and it takes me to the server but then I still need to enter my credentials?

Can anyone help or share their experience with Windows Hello and RDP?

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,736 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,258 questions
Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,608 questions
0 comments No comments
{count} vote

2 answers

Sort by: Most helpful
  1. S.Sengupta 19,741 Reputation points MVP
    2022-07-26T00:16:03.223+00:00

    Kindly go through the following:

    Passwordless RDP with Windows Hello for Business


  2. Christian Laboy 1 Reputation point
    2022-11-14T21:27:54.1+00:00

    I had the same behavior. The issue is most likely with your cert. If it does not have the correct "Intended Purpose" values, it will cause this behavior.

    Take a look at your NDES config, specifically what cert templates you have set in your registry. Remember, an NDES server can only issue certs from 1 template per usage (there are 3 total). They need to match your "key usage" chosen in Intune and the templates themselves need the correct entries in the "Extensions" tab.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.