I have setup DUO for RDP and am experiencing issues when logging in. When users connect to the RDS via RDP the windows login screen appears with the username filled in already but the password field is blank. The credentials where already filled in when starting the connection via RDP. After 20 to 40 seconds the DUO prompt shows up and users are able to authenticate.
I have found that when I give the machines a “dsregcmd /leave” the DUO prompt appears without delay. So to me it looks like there might be an issue with HAADJ, but could not resolve it by rejoining the device.
Using Duo Windows Logon to authenticate admin logins and policies are set to bypass non-admin users. Every time the users need to log in or unlock their screen, there is a long delay before their login prompt appears. These computers are using AzureAD for Defender, so it's the same issue. I can unregister the computers with the command above then their login appears immediately. But in the process of operation the computers to re-join AAD and the Duo delay issue re-appears.