You're reading from Mastering Microsoft Endpoint Manager Deploy and manage Windows 10, Windows 11, and Windows 365 on both physical and cloud PCs

Product type Paperback

Published in Oct 2021

Publisher Packt

ISBN-13 9781801078993

Length 666 pages

Edition 1st Edition

Tools

Microsoft Project

Concepts

Network Security

Author (1):

Per Larsen

View More author details

Table of Contents (24) Chapters

Preface

1. Section 1: Understanding the Basics

2. Chapter 1: Introduction to Microsoft 365 FREE CHAPTER

3. Chapter 2: What Is Unified Endpoint Management?

4. Section 2: Windows 365

5. Chapter 3: Introducing Windows 365

6. Chapter 4: Deploying Windows 365

7. Section 3: Mastering Microsoft Endpoint Manager

8. Chapter 5: Requirements for Microsoft Endpoint Manager

9. Chapter 6: Windows Deployment and Management

10. Chapter 7: Manager Windows Autopilot

11. Chapter 8: Application Management and Delivery

12. Chapter 9: Understanding Policy Management

13. Chapter 10: Advanced Policy Management

14. Chapter 11: Office Policy Management

15. Chapter 12: User Profile Management

16. Chapter 13: Identity and Security Management

17. Chapter 14: Monitoring and Endpoint Analytics

18. Chapter 15: Universal Print

19. Section 4: Tips and Tricks from the Field

20. Chapter 16: Troubleshooting Microsoft Endpoint Manager

21. Chapter 17: Troubleshooting Windows 365

22. Chapter 18: Community Help

23. Other Books You May Enjoy

Enabling password-less authentication

To enable password-less authentication, you have to go to the Azure portal and open AAD. Then, follow these steps:

Go to Security.
Open Authentication methods.
Under the Manage menu, select Authentication methods.
Figure 13.34 – Authentication methods
Click on FIDO2 Security Key.
Figure 13.35 – Authentication methods – Policies
Enable the settings for (at least) sign-in and strong authentication.

Figure 13.36 – FIDO2 security key configuration

You can also use a key restriction policy to specify what FIDO2 keys your end users can leverage in your tenant, by entering an allow or block list of devices with an Authenticator Attestation GUID (AAGUID).

The FIDO2 specification requires each security key provider to provide an AAGUID during attestation. An AAGUID is a 128-bit identifier indicating the key type, such as the make and model.

You're now done with the...