I want to figure out how to set up Windows 10 and Windows 11 machines so that employees can log in to any device using their fingerprints (biometric login). Originally the idea was to use USB drives as USB keys to log in to any of the computers here, but after some discussions employees were thinking USB keys may be a hassle. Using your fingerprint is much easier as you won't have to carry any special equipment then.
The office where this will be set up does have a locked-up central server running on Windows 10 which is used to manage other deployments as well such as ESET.
Currently, many of the computers just have a shared login, that is employees know the same secret password that lets them into any machine in the office that is shared. This has worked well for our situation because employees tend to move around quite a bit throughout the office, they are never really tied down to a single machine. We are wanting to change things so that instead a unique login is tied to an employee who is able to authenticate into any of these machines with their unique fingerprint. Further, if possible, some of the machines might only let a specific group of authorized employees log in with their fingerprints whereas the remaining employees would be denied access.
I would hate to set up all of these employees for each and every device in the office, preferably I do this once via a central server and utilize some sort of network login which simply looks at an employee's fingerprint to be able to log in to the machine. If this sort of scenario can work we will purchase fingerprint scanners for each computer.
So with that said, how can I set up a Windows Network Login across all of our Windows Machines that simply uses the employee's fingerprints to log in? Currently, this should support both Windows 10 and Windows 11 as some of the Windows 10 devices are not eligible to be upgraded to Windows 11 due to hardware requirements.