miniOrange's Windows Two-Factor Authentication solution for windows logon prevents these sorts of Password-Based breaches and adds an additional layer of security to your Microsoft Windows account login. Windows 2FA solution is also responsible for your User Management with a Microsoft Active Directory or an LDAP directory. With this 2FA / MFA solution, users will get easy access to the endpoints they need to access by increasing identity assurance and reducing the risk and exposure.
Prerequisites
In AD, keep all the computers where you want to push the module and its setting in the same OU and optionally same group
Have miniOrange Windows MFA configured on at least 1 machine.
Copy moCredentialProvider.msi to a shared folder which is accessible to all computers
Open Windows Powershell in elevated mode and change directory to where the script is located.
Run the following command to create xml
Reg2GPO.ps1 <reg-path> <xml-path>
#replace <reg-path> with full path of exported .reg file
# replace <xml-path> with full path of the xml file to be generated
#e.g.
# Reg2GPO.ps1 "C:\Users\miniOrange\settings.reg" "C:\Users\miniOrange\gpo.xml"
4. Add Registry keys to Group Policy Object
Open the Group Policy Management Console.
Right-click on the GPO and select Edit.
Expand the Computer Configuration → Preferences → Windows Settings → Registry.
Copy the xml file generated in previous step and paste it in the empty area of Registry.
After pasting, you should be able to see the imported registry keys
Close Group Policy Management
5. Test Group Policy Push
On one of the computers, open command prompt in elevated mode
Run the below command GPUPDATE /force
If the command output asks to restart computer, enter Y
After the command runs, you can check if the policy ran using below command GPRESULT /SCOPE COMPUTER /V
You should see your policy name in applied policies like this: