User not found in logs even though the user exists
This page describes why Mirket says "user not found" even when the username is the same.
Our product offers a Multi-Factor Authentication (MFA) solution that integrates with the Network Policy Server (NPS) using the RADIUS protocol. This integration is achieved through an extension written for NPS, allowing authentication requests to be received by NPS and then forwarded to the Mirket system. Once Mirket completes the necessary verifications, it sends the result back to NPS, completing the process.
A key detail of our system is the use of the SAM (Security Account Manager) name for user identification. This method is preferred over standard usernames. The formation of the SAM name is as follows:
If NPS is within a domain (for example, assuming the domain name is 'mirket.local'), requests are sent in the format 'mirket\username'.
If NPS operates in a workgroup environment outside of a domain, requests are sent based on the name of the NPS server, for example, 'mfaserver\username'.
If there is no user on the Mirket system matching the incoming SAM name, a 'user not found' log message will be recorded, and Mirket will deny the authentication request. This is also applicable to RDP and OWA connections. In these types of connections, requests are sent directly to Mirket in the format 'sam\username'. If there is no user with the corresponding SAM name, Mirket will respond with a 'user not found' message and deny the request.
In LDAP group definitions, users' SAM values are specified. When Mirket imports users from LDAP, it prefixes the usernames with the defined SAM value to create SAM names. When creating local users, their SAM values are taken from the local groups they belong to. It is expected that SAM values are correctly entered in these local groups.
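The following added example (not Mirket's own code) builds the SAM name for the two NPS cases described above and, when a lookup fails, lists users that have the same username under a different SAM prefix. The function names, the user list and the exact-match comparison are assumptions made for illustration.

```python
from typing import Iterable, Optional, Tuple


def split_sam(identity: str) -> Tuple[str, str]:
    """Split 'prefix\\username' into (prefix, username); prefix is '' if absent."""
    prefix, sep, name = identity.partition("\\")
    return (prefix, name) if sep else ("", identity)


def expected_sam_name(username: str, domain: Optional[str] = None,
                      nps_host: Optional[str] = None) -> str:
    """Build the identity NPS forwards, following the two cases on this page."""
    if domain:
        # Assumption: the prefix is the first label of the domain name, as in
        # the page's 'mirket.local' -> 'mirket' example.
        prefix = domain.split(".", 1)[0]
    elif nps_host:
        prefix = nps_host  # workgroup NPS: the server name is the prefix
    else:
        raise ValueError("give either a domain or an NPS server name")
    return f"{prefix}\\{username}"


def diagnose(incoming: str, mirket_users: Iterable[str]) -> dict:
    """Look up one incoming SAM name and list users that differ only in prefix."""
    users = list(mirket_users)
    # Assumption: exact string comparison; the page does not state Mirket's rules.
    if incoming in users:
        return {"found": True, "same_username_other_prefix": []}
    _, name = split_sam(incoming)
    near = [u for u in users if split_sam(u)[1] == name]
    return {"found": False, "same_username_other_prefix": near}


# Constructed sample data: users as they might exist on the Mirket side.
MIRKET_USERS = ["mirket\\alice", "mirket\\bob", "mfaserver\\carol"]

if __name__ == "__main__":
    # A workgroup NPS named 'mfaserver' forwards a request for 'alice'.
    incoming = expected_sam_name("alice", nps_host="mfaserver")
    print(incoming, diagnose(incoming, MIRKET_USERS))
```

A non-empty `same_username_other_prefix` list means the user exists but its SAM value does not match the prefix NPS sends, which is the situation this page describes.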