Milan KTG Posted September 24 Share Posted September 24 Hello, We have a website that requires a passkey setup to login. This uses Windows Hello. I don't believe we can use Windows Hello to setup PIN in a non persistent VDI environment? One option seems to be USB security key. I purchased a Yubikey and others to test this but Windows on VDI is not detecting device. We have USB redirection enabled, a regular USB storage device works. Can anyone help with this? I could not find any documentation. There seems to be some people that have got it working on reddit but not with much information. I tired only enabling FIDO2 on Yubikey but that still did not work. Quote Link to comment Share on other sites More sharing options...
Jeremy Lippert Posted September 24 Share Posted September 24 We disable all USB redirection all together via DEM policies (still have the USB redirection enabled via the agent install though). And IIRC (sorry it was many months ago), all I did to make a FIDO2 Yubikey work inside our Edge/Chrome browsers was to enable the following policy via the Agent ADMX policies on our VDI desktop OU's. Quote Link to comment Share on other sites More sharing options...
Dominik Wimmer Posted September 25 Share Posted September 25 On which Horizon version are you running? With 2306 FIDO2 is supported and worked out of the box with our Yubikeys, without USB redirection. Quote Link to comment Share on other sites More sharing options...
Milan KTG Posted September 26 Author Share Posted September 26 We are on 2312, it working now. Had one bad key. Thank you both. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.