I have configured an access server profile for LDAP + Time-based One-Time Password and I now have two issues:
- the first login to the portal is not possible when I use the UserPrincipalName instead of the sAMAccountName attribute. So the user will not be created accordingly. When I change to sAMAccountName, it works as expected. The user is being created and the user ends up wherever I have defined in the security matrix. This is btw something which is perfectly working on pfSense.
- I have not figured out how to implement an auto-enrolment process. The user should be able to log in to his portal, shoot the QR to his Auth App and done. It is kind of a chicken-and-egg question, so I have to provide the user with a QR to get it done but why . . .?
Am I missing something here?
Best, rene
Hm, I have this running with local users, LDAP should be the same. Do they get created locally when they first log in to the UI?