,Japan
With the upgrade to Windows 10 v1709, a security feature warning called Windows Hello for Business is now logged as [Event ID 360] in the event log.
When I checked,
The Windows Hello for Business warning was said to be okay if left unchecked, but I found information that could help repair it.
However,
The procedure is a way to stop logging to the event log, so it's not a fundamental solution because it actually warns you.
The benefits of dealing with it are refreshed in the event viewer.
This article
I've included the steps I performed on my PC, referring to the information posted on the Windows 10 Forums.
Event Log
| message | Windows Hello for Business provisioning will not be launched. Device is AAD joined (AADJ or DJ ++): Not Tested User has logged on with AAD credentials: No Windows Hello for Business policy is enabled: Not Tested Local computer meets Windows hello for business hardware requirements: Not Tested User is not connected to the machine via Remote Desktop: Yes User certificate for on premise auth policy is enabled: Not Tested Machine is governed by none policy. See https://go.microsoft.com/fwlink/?linkid=832647 for more details. |
| The name of the log | Microsoft-Windows-User Device Registration /Admin |
| Source | User Device Registration |
| Event id | 360 |
| level | warning |
| user | Login user |
PLAN-A | PLAN-B
There are two steps.It seems that some environments have been improved with "PLAN-A", but "PLAN-B" has been effective in my environment.
Both use Registry Editor.
Registry operations are at your own risk
Before working with Registry EditorMake a backup copy of your registry in case something goes wrong.
PLAN-A
* It was not effective in my environment.This procedure is to modify the value set in the following registry key:
{23B8D46B-67DD-40A3-B636-D43E50552C6D}
1. Start Registry Editor
- Windows Key + R
- Type "regedit" in the box next to your name
- OK Click on the
2. Search the registry
GUID to search: {23B8D46B-67DD-40A3-B636-D43E50552C6D}The GUID is recorded in the property details of the event log.
Searching for the GUID will hit in multiple places, but look for the GUID that hits under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet .
3. Change the Enabled value to 0
You can find it in the following hierarchy.
\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger\EventLog-Application\{23b8d46b-67dd-40a3-b636-d43e50552c6d}
Since it was Enabled = 1, I changed it to Enabled = 0.
The image is before change.
4. End of procedure
Restart your PC and check the Event Viewer.If Event ID 360 is no longer logged, then this procedure was successful.
However, it didn't work in my environment.
I've already explained in my previous posts the way to prevent this event from logging in Event Viewer, event id 360
Simply modify a value in Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger seek for the appropriate GUID and modify a value from enabled 1 to 0. Reboot pc and the error is gone.
Same applies for Kernel PnP Event id 219 events, (The driver\Driver\WudfRd failed to load for the device SWD\WPDBUSENUM) and event id 37 (AppContainer profile failed with error 0x800700B7 because it was unable to register AppContainer SID).
Windows 10 Forums
Simply modify a value in Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\Autologger seek for the appropriate GUID and modify a value from enabled 1 to 0. Reboot pc and the error is gone.
Same applies for Kernel PnP Event id 219 events, (The driver\Driver\WudfRd failed to load for the device SWD\WPDBUSENUM) and event id 37 (AppContainer profile failed with error 0x800700B7 because it was unable to register AppContainer SID).
Windows 10 Forums
PLAN-B
* Effective in my environment
This procedure is to modify the value set in the following registry key:
Microsoft-Windows-User Device Registration /Admin
1. Microsoft-Windows-User Device Registration /Admin
Start Registry Editor andSearch for Microsoft-Windows-User Device Registration /Admin.
You can find it in the following hierarchy.
\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-User Device Registration /Admin
OwningPublisher: {23b8d46b-67dd-40a3-b636-d43e50552c6d}, so it seems to be related to "PLAN-A".
Enabled changed from 1 to 0.
2. PC restart
Recording in the event log has stopped.This procedure worked in my environment.
The following are sources of information for this procedure.
To get rid of the error in event log I have navigated to:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-User Device Registration /Admin]
and changed "Enabled" to "0"
Windows 10 Forums
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-User Device Registration /Admin]
and changed "Enabled" to "0"
Windows 10 Forums
What is Windows Hello?
Windows Hello is a security function added from Windows 10 that provides the function of logging in to a device running Windows 10 using a face, fingerprint, iris of the eyeball, etc.This is a function not included in VAIO 10 years ago when an error was recorded.
('ω')
Windows Hello is a feature that lets you sign in to your Windows 10 device in a more personal way—just look and touch. This provides the level of security employed by the enterprise without the need to enter a password.
Windows Hello? | support.microsoft.com
Windows Hello? | support.microsoft.com
Verification: Windows 10 Pro Fall Creators Update, 1709
:SC2
このサイトを検索 | Search this site
ブロトピ:今日のブログ更新