Possible cause
Authentication via wireless RADIUS may fail if a user enters a domain name of more than 15 characters in the DOMAIN\USER format.
This problem occurs within default Windows supplicant applications.
The user attempts a wireless authentication, and enters OurDomain.OurCompany\MyUserID in the user ID field, and the one-time password (OTP) in the password field. The authentication fails despite correct user ID and OTP.
Solutions
Workaround 1
When a domain field is available in the logon window, the user should enter the domain name into that field.
The user attempts a wireless authentication, and enters MyUserID in the user ID field, OurDomain.OurCompany in the domain field and the one-time password (OTP) in the password field. The authentication succeeds as expected.
Workaround 2
Use the User@Domain format for the user ID instead.
The user attempts a wireless authentication, and enters MyUserID@OurDomain.OurCompany in the user ID field and the one-time password (OTP) in the password field. The authentication succeeds as expected.