The Local Security Authority (LSA)  in Windows 10 provides clients like Cisco Network Access Manager with the Machine password encrypted which is an increased default security settings in Windows 8 or 10 / Server 2012. however this does fail Cisco Network Access Manager to use the machine Credential for Authentication and the entire machine authentication would fail.
This doesn't happen only if you are using machine credential for Authentication (like via PEAP(MSCHAPv2), EAP-FAST (MSCHAPv2)) but this would not happen if Machine authentication using Machine certificate  (EAP-TLS or EAP-FAST (EAP-TLS))

The registry fix described in Microsoft KB 2743127 should be is applied to the client desktop. This fix includes adding a DWORD value LsaAllowReturningUnencryptedSecrets to the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa registry key and setting this value to 1. This change permits Local Security Authority (LSA) to provide clients like Cisco Network Access Manager with the Machine password

here is also the Cisco Bug ID for this 

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuw01496/?referring_site=bugquickviewclic

2- Take care if your are upgrading Windows 7 to Windows 10 (and not fresh installation) and you are using the Machine authentication via Machine Certificates (EAP-TLS) that sometimes the default imaging used by SCCM vendors to take a snapshot of a reference Machine and then apply the upgrade the machine certificates after the upgrade won't be valid for authentication.

This mostly happen due to missing or corrupted private keys that failed to be migrated as part of the Windows upgrade.

The solution is to delete the machine certificates (manually or via Script) before the Windows upgrade process starts and then once it joins the AD after the upgrade the certificates would be pushed successfully from the CA with Valid certificate keys (private + Public)