Enable the use of Fingerprints / Biometric Devices to log on to Microsoft Windows 7 using GPO
On Microsoft Windows 7 there’s a new Group Policy (GPO) Setting to manage biometric devices and permissions to log on to a domain using fingerprints.
To configure the use of Biometric devices..
Click Start 
Type gpedit.msc
GPEdit.msc
Click on gpedit
You should get here
Microsoft_Windows_7_Group_Policy_Manage_Biometric_Devices
Expand Computer Configuration | Administrative Templates | Windows Components | Biometrics.
Now you can manage the behavior and permission of the biometric devices, allow the use of fingerprints to log on to the domain etc using these settings
(Allow the use of biometrics, allow users to log on using biometrics, allow domain users to log on using biometrics)
Of course, this GPO can also be applied to specific computers in a domain using Group Policy Management Console (gpmc.msc) and Domain Security Policy.
referenced error messages
Windows could not use your fingerprint credentials because it could not contact your domain. Try connecting to another network.
Fingerprint Logon is not enabled for domain accounts on this machine. Log on using other credentials or see your system administrator
[…] I’ve also published an article about how to manage biometric devices / allow fingerprint to lo… […]
excellent. I got what i searched.
Hi Christian,
I am planning to rollout the Lenovo Fingerprint software to Windows 7 enterprise clients. Everything worked fine with installing software with SCCM server from Microsoft and users are able to use the software. After log off they got the message they are not able to logon.
We are using Active Directory domain and with these settings it will now allow them log on.
Many thanks!
I am log on to the domain using “BOTH” mode i.e password and biometric fingerprint reader however unable to do so in off domain mode. Get following error fingerprint validation failed.