We have two AD Domains (lets call them X and Y).  We will be migrating all users from domain X to Y.  Currently, we have Yubikey setup for MFA for domain X, which we use for VPN validation, after entering username and password (Cisco AnyConnect).

ADSS is configured for both domains, no issue there.  I removed my Yubikey from domain X but am not able to add it to domain Y.  Domain Y is configured the same as Domain X, including the Yubikey config.  When I login to my account in Domain Y on ADSS, I get no prompt to add the Yubikey, nor am I able to manually select to add the Yubikey.

When I then login to my account in Domain X on ADSS (where I removed my Yubikey), I immediately get the prompt to register my Yubikey.

Anybody know why I can't get the Yubikey registration to work with Domain Y?