When connecting over Remote Desktop (RDP), to a system that has Defender Desktop Login installed, the Active Directory (AD) username and password do not get passed to the remote system. The user must enter their AD credentials again, as well as their token response. This occurs for users who are Defender authenticated and those in the exclusion groups.
The user must enter their AD credentials into the "Remote Desktop Connection" software (if "Network Level Authentication" is enabled), and again into the RDP session itself after clicking on the "Defender" tile.
Upgrading to Defender 5.8.1 or above Defender Desktop Login. This allows the credentials to be passed through.