We just switched from on-prem AD over to SAML from Azure to take advantage of MFA since we all have E3 and EMS3 licenses.
If I look in Reports and on the Authentication tab I see two entries for each user logging on. The first one is a failure saying "needs SAML authentication" and the second one is a success message. The failure entry is for the AD user name (samaccountname) which is not the UPN/Email address.
Can anyone tell me where the setting is for it to not bother with the samaccountname and instead only use the UPN/Email address (either is fine as those two are identical per O365 best practice.)