Hi,

We have recently implemented Azure Multi-Factor Authentication Server on SharePoint 2013 WFE and tried to protect few web applications using both Forms Based / Windows HTTP Authentication.

When trying to access the web applications getting error: 403 FORBIDDEN for example with Forms Based Authentications and unable to login.

Following are few sample logs:

2017-11-16T12:29:04.963819Z|i|7132|6236|pfsvc|Username '0#.f|fbamembershipprovider|aks1' couldn't be resolved to a SID.

2017-11-16T12:29:04.963819Z|w|7132|6236|canU,pfsvc|Username '0#.f|fbamembershipprovider|aks1' failed canonicalization.

2017-11-16T12:29:04.966819Z|i|7132|6236|pfsvc|Username '0#.f|fbamembershipprovider|aks1' couldn't be resolved to a SID.

2017-11-16T12:29:04.966819Z|e|7132|6236|impl_s_combinedAuth6|Couldn't find a reason to authorize the RPC caller to make an auth call.

2017-11-16T12:29:04.966819Z|e|7132|6236|trace|i|pfsvc||#Pfauth not performed for user '0#.f|fbamembershipprovider|aks1' from 192.168.169.60.

2017-11-16T12:29:04.966819Z|e|7132|6236|implPfServer|Denying access from pfsvc::impl_s_combinedAuth6.

2017-11-16T12:29:06.638987Z|i|7132|5892|pfsvc|Username '0#.f|fbamembershipprovider|aks1' couldn't be resolved to a SID.

2017-11-16T12:29:06.639987Z|w|7132|5892|canU,pfsvc|Username '0#.f|fbamembershipprovider|aks1' failed canonicalization.

2017-11-16T12:29:06.641987Z|i|7132|5892|pfsvc|Username '0#.f|fbamembershipprovider|aks1' couldn't be resolved to a SID.

2017-11-16T12:29:06.641987Z|e|7132|5892|impl_s_combinedAuth6|Couldn't find a reason to authorize the RPC caller to make an auth call.

2017-11-16T12:29:06.641987Z|e|7132|5892|trace|i|pfsvc||#Pfauth not performed for user '0#.f|fbamembershipprovider|aks1' from 192.168.169.60.

2017-11-16T12:29:06.641987Z|e|7132|5892|implPfServer|Denying access from pfsvc::impl_s_combinedAuth6.

Can someone tell the cause of this issue and workaround to solve it.

Thank you,

Dinesh Vashisht