Fingerprint And PIN Options Unavailable In Windows 10 Update 1607

Sharing Options:
Fingerprint And PIN Options Unavailable In Windows 10 Update 1607
5 (100%) 3 votes

mg_wn10Fingerprint And PIN Options Unavailable In Windows 10 Update 1607

 

After installing Windows 10 Professional (Pro) or Enterprise (Ent) the PIN and fingerprint sign-in options are unavailable (greyed out) and the buttons are disabled.  This behavior does not exist on prior builds, including the 1511 update.  The “Picture Password” option still works and is available.  This behavior is noted on domain joined computers.

Starting with the 1607 update, this functionality must be enabled via group policy, manual registry key change or by using a .REG file export of the necessary change and running on the affected computer(s).  The key in question is “AllowDomainPinLogon”.  This value must be set to “1” to enable these functions.  This assumes you are running domain controllers on Windows Server 2012R2 or earlier.

Note: On 2016 Server domain controller deployments, you may also find group policy settings under COMPUTER -> Administrative Templates -> System -> Logon -> Turn On Convenience PIN Sign-In.  You can define this setting to ENABLED to effectively do the same thing as above on 2012R2 and earlier.

 


Resolution Methods:

OPTION 1 : Manually edit the registry on the affected computer(s):

  • Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System
  • Create a new DWORD (32-bit Value) named “AllowDomainPINLogon”
  • Then set the value to 1 (Decimal)
  • Restart the computer for the changes to take effect

OPTION 2 : Create a group policy to make the registry change:

  • New Group Policy (or update existing) – in our example, we added to an existing USER policy.
  • Navigate to : User Configuration -> Preferences -> Windows Settings -> Registry
  • Choose New -> Registry Item
    • Under the ‘General Tab‘ – use these settings:
      • Action: Update
      • Hive: HKEY_LOCAL_MACHINE
      • Key Path: SOFTWARE\Policies\Microsoft\Windows\System
      • Value Name: AllowDomainPINLogon
      • Value Type: REG_DWORD
      • Value Data: 1 (Decimal)
    • Under the ‘Common Tab‘ – use these settings:
      • Nothing selected (no checkboxes)
      • In our case we did not run this under the ‘logged in user securty context’ because we are modifying the ‘HKEY_LOCAL_MACHINE‘ hive which the logged in user may not have access to.
      • Restart the for the changes to take effect (after replication of group policy has completed!)

OPTION 3 : Download the attached .REG file:

  • You can download and use the [allowdomainpin_fix.reg] file to make this change for you (provided by Blog Encounters Support).
  • You can manually run this file or deploy via group policy, however, OPTION 2 above is a better option for group policy deployments.


Tag: Fingerprint And PIN Options Unavailable – Windows 10 – Update 1607 – Greyed Out – Buttons Disabled – Domain Joined Computers – Windows 10 Pro – Windows 10 Enterprise

Tags: #windows10 #microsoft #techsupport #registry #enterprise #domain #windows

Sharing Options:

Be the first to comment

Leave a Reply