1. In the PingOne admin console, open the environment you are using for Windows login - passwordless.
  2. Click the Identities icon.
  3. Click Attributes.
  4. In the list of attributes, locate the PingOne attribute that you mapped to ObjectSID.
  5. Click the Pencil icon to edit the attribute properties.
  6. Select the Enforce Unique Values check box. Confirm the choice if prompted to do so.
  7. Click Save.
  8. Click the Experiences icon.
  9. Click Authentication Policies.
  10. Click Add Policy.

    The policy definition page opens.

  11. Enter a name for the policy.
  12. For Step Type, select Windows Login Passwordless.
  13. In the Match Attributes list, select the attribute that you mapped to ObjectSID.

    This list includes any attributes that you have specified as unique by selecting the Enforce Unique Values option.

  14. Optional: Select the Offline Mode option if you want to allow users to sign on when PingOne or PingID are not available.
  15. Click Save.