Wrong Microsoft Entra ID credentials passed to DUO

Aloha Spirit 0 Reputation points

Here is our scenario:


We have external vendors that have their own domains and utilize them to logon to Microsoft M365 products. They also have their own DUO domains used to authenticate those product access.


i.e. an external vendor logons to TEAMS using [AUser@abc.com]


Then when attempting to logon to our network via VPN (that has DUO enabled as a MFA)… even though the follow the same process as our employees, and enter the domain credentials to our network, they appear to be passing DUO their native company domain credentials.


i.e the same vendor attempts to log to on network via VPN (w/ DUO MFA) and enters the domain credentials we provided them, [OurID@xyz.com]


They appear to be passing DUO the [AUser@abc.com] credentials.

The only way we can get this to work is if the user logs out of all M365 1st, and then attempts to logon to our VPN.

DUO says this is an Entra ID issue.


Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,447 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Andy David - MVP 144.8K Reputation points MVP

    Sounds like a browser issue. Same problem if they user a different browser than they user for their own tenant or use a incognito browser session?