I'd like to sign in to my domain account on said machine, remotely by plugging in the Yubikey to my thin client. Through USB over IP, I can make my remote machine see my Yubikey when it is plugged into the thin client. I have verified that this functionality is working.
Here's the difficult part. I'll be connecting to my machine remotely using an obscure protocol, and I'll have no way of entering a password or a pin when connecting.
In short, I need the domain sign in to be handled entirely by the Yubikey. I read up on PIV a little, and that looks useful, but you still need a pin for sign-ins.
So my question is, can you sign in to a domain account without a pin or passphrase or other second authentication factor? If so, is Windows Hello For Business what I'm looking for? Are there other solutions I should be looking into? Ideally I'd like to do this without buying anything Azure, as I'm a broke college student, but if I have to buy an Azure AD instance to get this functionality, I'm sure I could work something out.Statistics: Posted by thefunk — Sun Jul 23, 2017 12:09 am
]]>