We have 400+ badge readers that are all programmed to append a known prefix and suffix to the badge ID, which is needed for another application running on the same station. We would like a way to strip those known characters off the badge ID before authenticating against our AD (only) user source.

We use AG groups to manage access, and are using the AD property to hold the users' Badge IDs. We would rather not have to use a hybrid model and duplicate the user's configuration locally.