Policy
Allow domain users to log on using biometrics
This policy setting determines whether users with a domain account can log on or elevate User Account Control (UAC) permissions using biometrics. If you enable or do not configure this policy setting, Windows allows domain users to log on to a domain-joined computer using biometrics. If you disable this policy setting, Windows prevents domain users from logging on to a domain-joined computer using biometrics. Note: Prior to Windows 10, not configuring this policy setting would have prevented domain users from using biometrics to log on.
c96dbe28b91bBiometrics_EnableDomainCredProvRegistry
Copy registry mappings
HKLM\SOFTWARE\Policies\Microsoft\Biometrics\Credential Provider\Domain Accounts (enabled) = 1
HKLM\SOFTWARE\Policies\Microsoft\Biometrics\Credential Provider\Domain Accounts (disabled) = 0Policy notes
This policy setting determines whether users with a domain account can log on or elevate User Account Control (UAC) permissions using biometrics. If you enable or do not configure this policy setting, Windows allows domain users to log on to a domain-joined computer using biometrics. If you disable this policy setting, Windows prevents domain users from logging on to a domain-joined computer using biometrics. Note: Prior to Windows 10, not configuring this policy setting would have prevented domain users from using biometrics to log on.