Suggestion: MacOS - OIB - Authentication - D - Platform SSO - v1.0

[sjurlohne]

With the current settings for "Token To User Mapping" (using "Account Name: preferred_username" and "Full Name: name") it will result in a local user account named "usercontoso.com" (the UPN withouth @)

I suggest to change this to "Account Name: com.apple.PlatformSSO.AccountShortName" and "Full Name: AccountName" This wil create the local account correctly as only "user"

[mtengmo]

I guess it´s from Microsoft recommendation: https://learn.microsoft.com/en-us/intune/intune-service/configuration/platform-sso-macos @ in a username maybe could be other issues.