Some users may be experiencing Biometric login issues when they try to sign-in to their Windows 10 systems joined to a domain. If you cannot login with Fingerprint to domain account, then this post shows how to enable Biometrics on a Windows 10 system joined to a Domain. The error message you may receive is:
Fingerprint Logon is not enabled for domain accounts on this machine. Log on using other credentials or see your system administrator.
Cannot log in with Fingerprint in Windows 10 joined to a Domain
You have successfully set up Biometric (fingerprint) sign-in for your Windows 10 device. Now you can unlock your device with your fingerprint but unable to sign-in to the Windows 10 device on a domain with the same fingerprint.
At login, Windows shows that your password has changed on another device (which with all certainty, it hasn’t). In Sign-in options, Windows shows that the Windows Hello PIN is ‘currently unavailable’.
When you click ‘more info’ it says:
Sorry – This PIN isn’t working for your organisation’s resources. Tap or click here to fix it.
This takes you to a “Set up PIN” page (even though a PIN was already configured).
Read: How to fix Windows 10 Hello error codes.
It’s imperative to point out that by default, Biometric logon to domains via Windows 10 devices is Not configured or Disabled, even though you have already set up biometric sign-in on the devices.
So the fix to the issue is a simple one. You’ll need to enable Biometrics Sign In on Windows 10 joined to a Domain, by configuring the following polisy:
Allow domain users to logon on using biometrics
Once you complete the action, you can now successfully logon to the domain on the device.
Hope you get it working.