search cancel

Windows Hello / FIDO support for Symantec Siteminder

book

Article ID: 214549

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

We would have question about Windows Hello / FIDO support for Siteminder. In current setup we are using Integrated Windows Authtication (NTLMv2) for "silent login" on intranet login page. Anyway workstations are moving to cloud based setup, where Windows Hello will be used for Windows 10 login. According to project team NTLMv2 is not working after this change.

What would be options to use Windows Hello or FIDO natively in Siteminder login? 

 

Environment

Release : 12.8.03

Resolution

This is for how the User logs into their work-station (Windows Hello or FIDO2),
 
so if SiteMinder then uses IWA (after the user is logged into their work-station), it's still up to Windows to provide SiteMinder with the user that is Authenticated at the workstation via Windows Hello or Fido2.
 
We should not use Windows HELLO in FIDO in SiteMinder, you should use Windows Hello or FIDE with your Desktop to login, and then Windows SHOULD give SiteMinder the valid user via NTLM, (IWA).