Background: Users using a Windows Hello for business pin would receive a “Something went Wrong” error (Figure 1) when using the “I Forgot my Pin” option within the Windows 10 Settings app. All other Pin functionality was working fine.

Fix: The Microsoft Pin Reset service integration had not been configured for the tenant as per – https://docs.microsoft.com/en-us/intune/device-windows-pin-reset

Steps:

  • As a Global Admin go to the Microsoft Pin Reset Service Production link as explained in the article above.
  • You will be presented with what appears to be a error page or something along the lines of “You do not have permission to view this directory or page.” – this is normal.
  • Go back to Azure AD > Enterprise Apps (make sure you search for all) > search for Microsoft PIN
  • You should find an App named “Microsoft Pin Reset Service Production” with a homepage URL “https://cred.microsoft.com” – this is good and means clicking on the link has worked
  • Now from a Windows 10 client you should be able to use the “I Forgot my Pin” option from the settings app – Users may be asked to approve an MFA prompt if configured then accept permissions for the “Microsoft Pin Reset Client Production” app after which you may notice another enterprise app “Microsoft Pin Reset Client Production” show up in AAD – (Note: I’m not sure if it was the process of the user resetting the Pin or a lack of patience that made the second app show up)
  • You should now be able to reset your Pin from the settings app

 

Figure 1:

Figure 2: