VIP (Validation ID Protection)


VIP PAM Integration - "no2fa" Doesn't work with LDAP Groups


    Posted Feb 22, 2017 03:02 PM

    Hello,

    Using the VIP PAM module/integration, I'm attempting to use the "no2fa" option to exclude certain groups from using VIP 2FA in the file "/etc/raddb/vrsn_otp". According to the attached guide, this should work for local and LDAP groups, but it doesn't appear to work for LDAP groups. 

    The user I'm attempting to test with belongs to the AD group, and the output of "groups <username>" shows they are a member of the group as well. The group does not show up under "/etc/group" since it is not a local group.

    Any ideas? Do I need to somehow specify that the group is an LDAP group in the configuration file?

    Attachment(s)

    VIP PAM Integration.pdf   503 KB 1 version