Our WiFi RADIUS server and controller is reporting old credentials are being submitted by Sony Xperia L1 phones after a credential change on the phone's WiFi connection. We are using PEAP and RADIUS to authenticate to our Cisco Identity Services Engine (ISE) server. When the user credentials are supposedly removed using the 'forget' option on the phone Wi-Fi connection, then new credentials are added, our ISE server reports authentication failure on the old account (example below) even though the new account is able to connect. It's very strange but we've checked the ISE and replaced it with a newer model and the issue is still happening, so it seems it might be something wrong with WiFi on the phones.
The main concern for us is when this happens the original user is locked out of their AD account, and it happens continuously.
Is there a known issue with resubmission or caching of old credentials on these phones ?
ISE Version: 2.6.0.156
Error: 24408 User authentication against Active Directory failed since user has entered the wrong password
Phone software version: 43.0.A.7.106 - Android 7.0