Chiming in as i also have the same issue. Disabling printer forwarding does not work, nor does having dontdisplaylastusername set to 1. I’m also using a windows live account for signing in.
Reading about the type of account people in here is using i decided to test a couple of things - here are my findings:
Creating a local user account and using that RDP actually does bring up the duo prompt. I enrolled this user and got push notifications to my phone. Thus, i can log in with the local user. Trying with my regular Windows Live account resulted in the same failure as previously - no duo prompt. In fact, the login attempt does not even show in the duo portal.
As the next step i logged in to the local user i just created but canceled the login. I’m now passed the NLA CredSSP login provider and have an active RDP session with my host. I change accounts from the local user to my Windows Live account and log in with that, which does give me the duo prompt and the push notification. I can now log into the host.
This leads me to believe that it has something to do with NLA and CredSSP so i disable that on my host and create a .rdp file that has:
As i don’t have to authenticate before establishing the rdp session i can now just put in my regular Windows Live account credentials and i get the duo prompt and correlating push request to my phone. I am now able to log in again.
I’m pretty sure it has to do with NLA and the CredSSP provider but i can’t do more tests right now. I’ll get back to it later but I hope this helps you guys in troubleshooting and finding the issue.