RDG, NPS and MFA
We're attempting to stand up a new Remote Desktop Gateway and are working on getting Azure AD MFA running.
I've been following the instructions here: https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension-rdg
RADIUS server and the NPS extension have been configured on an AD domain controller. The gateway was confirmed to be working prior to trying to integrate MFA.
Whenever I try to connect to a server via the RDG, I get an error. The screenshot below is from an Android client, but it is the same on Windows.
In the Event log on RADIUS/NPS server, I get Event ID 6273, "An NPS Extension Dynamic Link Library (DLL) that is installed on the NPS Server rejected the connection request."
I've run the MFA_NPS_Troubleshooter powershell script. When run for a single user account (mine), it says that a valid MFA license cannot be found, yet our Tenant shows P1 licensure, and MFA is enabled for my account. I can verify that by logging into the office portal or the MS MFA verification page.
I've read a lot of articles re: the same error, but none of them have worked yet. Does anyone have any suggestions?