1. Go to the PingOne console and open the environment you are using for Windows Login - Passwordless.
  2. In the icon menu, click the Identities icon.
  3. In the menu, click Attributes.
  4. In the list of attributes, locate the PingOne attribute that you mapped to ObjectSID.
  5. Click the Pencil icon to edit the attribute properties.
  6. Select the Enforce Unique Values check box, and confirm the choice if prompted to do so.
  7. Click Save.
  8. In the icon menu, click the Experiences icon.
  9. In the menu, click Authentication Policies.
  10. Click Add Policy.
    The policy definition screen is displayed.
  11. Give the policy a name.
  12. For Step Type, select Windows Login Passwordless.
  13. Under Match Attributes, select the attribute that you mapped to ObjectSID.
    Note: This drop-down list includes any attributes that you have specified as unique by selecting the Enforce Unique Values option.
  14. Select the Offline Mode option if you want to allow users to log in when PingOne or PingID are not available.
  15. Click Save to save the policy.