Office365 Business Premium is great subscription for smaller businesses but if you want to join your Windows 10 PC’s to Azure AD it has one big disadvantage over the Enterprise subscriptions, mainly access to InTune.
Because of this if you join a Windows 10 PC to Azure AD all users will be required to setup a Pin before being able to log in. If your users hot desk they will have to do it on every PC they login to!
Your options are to purchase an InTune subscription and apply a license to every user at a cost of £4.50 per user per month.
Your second option is to disable the pin requirement in the registry on each PC either manually or by using your faviourite RMM tool.
I’ve put together a Poweshell script which will disable the pin requirement and also remove any existing pins. Simply run the script as an administrator on each PC or deploy it via RMM.
####################################################################################
#
# Ian Waters
#
# www.slashadmin.co.uk
#
# Prevents Windows 10 prompting to setup a pin after being added to Azure AD
#
# Designed for use with Office 365 Business Premium subscriptions
#
####################################################################################
#Disable pin requirement
$path = "HKLM:\SOFTWARE\Policies\Microsoft"
$key = "PassportForWork"
$name = "Enabled"
$value = "0"
New-Item -Path $path -Name $key –Force
New-ItemProperty -Path $path\$key -Name $name -Value $value -PropertyType DWORD -Force
#Delete existing pins
$passportFolder = "C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc"
if(Test-Path -Path $passportFolder)
{
Takeown /f $passportFolder /r /d "Y"
ICACLS $passportFolder /reset /T /C /L /Q
Remove-Item –path $passportFolder –recurse -force
}
Conclusion
Working to a budget by using an Office 365 business premium subscription means you have to work a little harder to set things up just how you want them but once again PowerShell comes to the rescue 🙂
2nd September 2018
You are a life saver my friend!!!
worked like a charm.
5th November 2018
Nice, finally a solution for this annoying problem!
Thanks a lot!
8th December 2018
LIFE SAVER !!! i have been looking for a way to fix this M$ money grab for ages.
23rd December 2018
Thanks!
19th April 2019
This script works like a charm. Just what I was looking for.
27th August 2019
Thanks, helped me a lot. But, for one specific person, i would like to revert this script somehow. is this possible?
6th January 2020
This was a lifesaver… because one user was driving me nuts about having to use the pin and I was going to kill him!
Thank you! Thank you! Thank you!
21st April 2020
You freaking rock! I’ve been at it for an hour before I found this!
18th May 2020
Finally, a solution that works!
Thank you!
5th June 2020
We’re a school, just getting to grips with Autopilot and this was a massive headache. Thank you so much for your script!
30th June 2020
Fantastic! worked like a charm. Thank you!!!
5th November 2020
AWSOME! Thank you so much! I sat here for hours with the “spinning wheel of deal” searching for a solution to this problem that no one seemed to understand.
8th February 2021
Amazing – thanks so much.
5th March 2021
Had to stop and give you kudos for this. Worked like a charm with O365 A1 for Faculty licensing.
13th March 2021
Did not work on my end unfortunately. Still required to enter pin when loging in with Azure AD joined user on Win10
13th March 2021
Sorry, i was a bit to fast. Works like a charm, i am just an idiot 🙂
19th March 2021
OMG! Lifesaver! Thank you.
15th July 2021
Works! Thank you.
19th October 2021
Thank you very much, it worked like a charm!
14th December 2021
Mega props to you sir! This is a primo hack. And shame on M$ for making it such a pain in the aft.
24th January 2022
How do I undo this ? Is there a script for that .? TY