Hi,
we set up the Azure MFA NPS Extension in a test environment.
Until now we only had [username]@[tenant].onmicrosoft.com active as the login name in Azure. Because of the NPS Extension we set up "Sign-in to Azure AD with email as an alternate login ID", which works flawlessly in the browser / Outlook etc.
Our steps with NPS MFA:
First try with the on-premises UPN (which is a local domain) did not work (no surprise here).
Added [username]@[tenant].onmicrosoft.com as an AD attribute on premises, set up the NPS Extension to use it as the alternate login ID, and the MFA login worked as expected.
Activated "Sign-in to Azure AD with email as an alternate login ID", configured the NPS Extension to use mail as the login ID, and we get the following error:
NPS Extension for Azure MFA: CID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx : Request Discard for user [mailaddress] with Azure MFA response: UserNotFound and message: The specified user was not found.,,,xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
First thought was that maybe we hadn't waited long enough for the settings to apply, but the weekend has passed and there is no change.
Any ideas?
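An added diagnostic (not from the original post) for the steps above: it shows which value the NPS server will actually hand to Azure MFA for a given user, so the value in the UserNotFound log line can be compared with what exists in the tenant. It assumes the extension reads its lookup attribute from the LDAP_ALTERNATE_LOGINID_ATTRIBUTE registry value under HKLM\SOFTWARE\Microsoft\AzureMfa and that the RSAT ActiveDirectory module is installed on the NPS server.

```powershell
# Added diagnostic; not code from the original post or from the NPS extension.
# Run on the NPS server as a user that can read the registry and query AD.
param(
    [Parameter(Mandatory)] [string]$SamAccountName   # on-prem account to inspect
)

Import-Module ActiveDirectory

# Assumed location/name of the extension's alternate login ID setting.
$regPath  = 'HKLM:\SOFTWARE\Microsoft\AzureMfa'
$attrName = (Get-ItemProperty -Path $regPath -ErrorAction SilentlyContinue).LDAP_ALTERNATE_LOGINID_ATTRIBUTE

if ([string]::IsNullOrWhiteSpace($attrName)) {
    # With no alternate attribute configured, the on-prem UPN is what gets sent.
    Write-Warning "No LDAP_ALTERNATE_LOGINID_ATTRIBUTE configured; the on-prem UPN will be used."
    $attrName = 'userPrincipalName'
}

$user = Get-ADUser -Identity $SamAccountName `
    -Properties $attrName, userPrincipalName, mail, proxyAddresses

$value = $user.$attrName

# A multi-valued attribute (e.g. proxyAddresses) or an empty one is a common
# reason the cloud lookup fails; flag both explicitly.
if ($null -eq $value -or ($value -is [array] -and $value.Count -eq 0)) {
    Write-Warning "Attribute '$attrName' is empty for $SamAccountName; the lookup cannot succeed."
} elseif ($value -is [array] -and $value.Count -gt 1) {
    Write-Warning "Attribute '$attrName' has $($value.Count) values; a single-valued attribute is expected."
}

# Compare 'ValueSentToAzure' with the identity's UPN / alternate IDs in the tenant.
[pscustomobject]@{
    LookupAttribute  = $attrName
    ValueSentToAzure = ($value -join '; ')
    OnPremUPN        = $user.UserPrincipalName
    Mail             = $user.mail
    ProxyAddresses   = ($user.proxyAddresses -join '; ')
}
```

The ValueSentToAzure field should match, character for character, the identifier the cloud side accepts for that user; if it only appears in an attribute the cloud does not treat as a sign-in name, the UserNotFound response is expected.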