Right-click on the issuing CA server and select Properties.Open the Certificate Authority snap-in.During a Group policy update, these certificates are imported to the registry by all client machines, members, and domain controllers in the forest. What the EnterpriseCertificates registry key presents is a location in Active Directory. The NTAuth registry key locates at HKLM\Software\Microsoft\EnterpriseCertificates\NTAuth\Certificates. During the validation, it checks the Key Distribution Center (KDC) service on the domain controller to verify if it can find the issuing CA certificate in the NTAuth registry key. When you use WHFB, the domain controller needs to validate the certificate sent by the client machine.
This issue occurs because the issuing Certificate Authority (CA) certificate is missing in the NTAuth store of the domain controller and client machine. Something went wrong and your PIN isn't available (status: 0xc00000bb, substatus:0x0). When you try to sign in to a Windows 10 or Windows 11 device by using a WHFB certificate or key trust, it fails with one of the following error messages:
#Startrail error windows 10 how to#
This article introduces how to fix the error "Your credentials could not be verified" that occurs when you try to log on to Windows with Windows Hello for Business (WHFB).Īpplies to: Windows 10, Windows 11 Original KB number: 4519735 Symptom
0 kommentar(er)
