RDP Only device configuration issue with lock screen

I’ve completed the installation on my Windows 10 Pro (v1909 currently) and configuration with my Duo free account. My user is a Microsoft account and I added the local user identity to my Duo user as an alias to avoid an additional user registration.

I am able to login without Duo on the machine directly.
Logging in via RDP I get the Duo login screen and push notification.

The problem happens when the session times out and goes to the lock screen. Instead of displaying any user information the screen is fuzzed out how it would normally present with the user login to re-authenticate. No options are available except for the user accessibility options and the disconnect button.

Reading further I found that with a Microsoft account you need to set the group policy do not remember the last login ‘Interactive Logon: Don’t display username at sign-in’ option. I didn’t set this feature since I’m not using Duo for direct logins, only RDP. Poking around I found a similar setting ‘Interactive logon: Display user information when the session is locked’. With some testing, I found the settings below work after testing each policy and combo.

For DUO RDP Only setting

Interactive Logon: Don’t display username at sign-in = ENABLED
Interactive logon: Display user information when the session is locked
User display name, domain and user names = BROKEN
User display name only = WORKS
Do not display user information = WORKS
Domain and user names only = BROKEN
Interactive Logon: Don’t display username at sign-in = DISABLED
Interactive logon: Display user information when the session is locked
User display name, domain and user names = BROKEN
User display name only = WORKS
Do not display user information = WORKS
Domain and user names only = BROKEN

*After making the change to the Local Group Policy Editor (gpedit.msc) you need to run the following from a command or powershell prompt:
gpupdate /target:computer /force

Hope this helps someone else!
Jim