Forum Discussion

SSChew's avatar
SSChew
Copper Contributor
Apr 09, 2026

SSID connection using intune pushed profile kept prompting manual login

Hi, anyone encountered an issue where users connecting to an SSID with 802.1X authentication using an Intune-pushed Wi-Fi profile (with credential caching enabled) are still being prompted to enter their credentials manually? However, it works fine by configuring the network connection protocol manually. Thank you. 

Intune

4 Replies

  • DerekMorgan2's avatar
    DerekMorgan2
    Brass Contributor
    Apr 13, 2026

    Hi SSChew​  — quick clarifier so we troubleshoot the right thing: what OS/platform are the affected devices (Windows, macOS, iOS/iPadOS, Android)?

    Also, what 802.1X/EAP method are you using (PEAP/MSCHAPv2 vs EAP‑TLS), and does the prompt happen every connect or only first-time / pre‑login?

    If you can, share a screenshot of the Intune Wi‑Fi profile settings (EAP type, SSO/caching options, user vs device assignment) and any client-side error/log at the time of the prompt. Happy to dig into it with you.

    • SSChew's avatar
      SSChew
      Copper Contributor
      Apr 14, 2026

      Hi DerekMorgan2​, its Windows device and using EAP-TTLS. It happens randomly like something is triggering it. From the logs, we can see the re-application of the profile when the issue surfaces. 


      • DerekMorgan2's avatar
        DerekMorgan2
        Brass Contributor
        Apr 20, 2026

        SSChew​, thanks! -- that Event 1506 is the key signal here.

        It confirms Intune is actively re‑applying the Wi Fi profile, not just Windows reconnecting. When the Wi Fi CSP resets the profile, Windows treats it like a profile update, drops the existing 802 1X session, and with EAP TTLS using username and password it often forces reauthentication. That is why users get prompted even though credential caching and PMK caching are enabled.

        This points to profile churn, not an access point or caching problem.

        I would check whether more than one Wi Fi policy is targeting the same SSID. Common causes are a template and settings catalog profile both applied, user and device targeting at the same time, or a custom OMA URI profile alongside the built in Wi Fi profile. Any of those can cause Intune to keep reapplying the profile and trigger this behavior.

        Once you get it down to a single Wi Fi profile and assignment scope, the prompts usually stop. As mitigations, you could also try User or machine authentication instead of User only, or disable SSO before user sign in to reduce timing related prompts. Longer term, EAP TLS avoids this class of issue entirely.

        The logs line up exactly with what you are seeing.