NPS server changing login ID to ******@domain.com format and rejecting authentication of Azure AD authenticated user

Gabriel Velez III 0 Reputation points
2023-02-16T20:25:23.1066667+00:00

Hello,

I have a setup where our users connect to the Wi-Fi using Azure AD authentication via on-premises NPS RADIUS servers. However, they get rejected. When I look at the event log, it shows DOMAIN******@DOMAIN.COM as the user ID it cannot find. So somewhere within the server it is adding the @DOMAIN.COM.

Where would I find what is doing this? It started happening randomly and now it is spreading to most of my users (dozens of them).

Thank you

Windows for business | Windows Server | User experience | Other

1 answer

  1. Limitless Technology 44,766 Reputation points
    2023-02-17T11:19:10.34+00:00

    Hi. Thank you for your question and for reaching out. I’d be more than happy to help you with your query.

    It sounds like you are having an issue with the NPS Server rejecting authentication of an Azure AD authenticated user when their login ID is changed to the ******@domain.com format. This issue is usually caused by a mismatch between the authentication method used by the NPS server and the authentication method used by Azure AD. To resolve this issue, you will need to configure the NPS server to use the same authentication method as Azure AD. Depending on your specific configuration, this may require making changes to the NPS server or to the Azure AD configuration.

    If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.
