Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Window Hello for Business Authentication

NetworkBod
Contributor
‎02-18-2021 09:07:AM
‎02-18-2021 09:07:AM

Window Hello for Business Authentication

Hi Everyone,

 

Im trying to configure Pulse to use 'Windows hello for business' credentials / cert as authentication. I found a Pulse WHFB guide which advises to upload CA cert (AADJ certificate) then create a new realm with cert authentication but the guide doesnt explain this step at all, i then read another post stating to setup SAML authentication method so getting confused to exactly what is required to get this working.

 

I did contact support but gave up after numerous calls they then sent me a document from 2015 bearing no relation to what i was trying to achieve.

 

Has anyone got WHFB to work with Pulse? any pointers would be appreciated.

 

Thanks

3 REPLIES 3
zanyterp
Moderator
Moderator
‎02-19-2021 08:03:PM
‎02-19-2021 08:03:PM

Re: Window Hello for Business Authentication

 

i do not have a way to test it; however, you follow the guide for configuring cert auth. can you send me the case number, please, so I can check on what happened on this side?
as far as configuring cert auth:

  • navigate to Authentication>Auth Servers
  • Change the server type to Certificate and Click on New Server
  • Set the username template (the sample usually works successfully)
  • Save changes
  • navigate to Users>User Realms>New realm
  • set the name to your desired name
  • set the auth server to the certificate server you created above
  • save changes
  • click on role mapping
  • click on new rule
  • provide a name for the rule
  • set the match requirement to *
  • save changes
  • navigate to Authentication>Signing In>Sign-In Pages
  • Click on new URL
  • provide a URL to use
  • click the radio button for the user to select the realm
  • choose your cert realm from above and move to the right
  • save changes
     
NetworkBod
Contributor
‎02-22-2021 06:13:AM
‎02-22-2021 06:13:AM

Re: Window Hello for Business Authentication

Hi Zanyterp,

 

Thanks for your response, is that the correct way to configure authentication though for 'Windows Hello for business'. The Certificate Auth Server will only check if the connecting device has an appropriate certificate to allow the connection to proceed? How are 'Windows hello for business' credentials / pin / biometrics checked? is another authentication method required such as SAML :/.

 

Regards.

zanyterp
Moderator
Moderator
‎02-23-2021 11:36:PM
‎02-23-2021 11:36:PM

Re: Window Hello for Business Authentication

yes, that is how it is created/done
the certificate has restrictions on it that require validation through the TPM in order to access
SAML is not required for this
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.