Hey guys,
I really hope someone can shed light on this, as I sadly never gotten confirmation via case we had with TAC. So, apologies in advance if this sounds like a stupid inquiry, but here it goes...
Say you have company of 200 people and 20 people are IT and they require using MFA. Now, when I worked with TAC for another customer, we had a case for about 20 days and final suggestion was to have people who need to use Radius set up individual local VPN users and then set them up as Radius auth in user properties. Ok, great, that does work, as it was easy to do and they all get mfa prompts on their phones and all is dandy, but what would happen if there is a company of say 2000 employees and 400 of them have to use Radius mfa...who would have time to create 400 individual users via smart dashboard. Its not really a scalable solution in my view...
Now, if I look at ldap group object, you cant assign auth method there, so my question is this...is there ANY way possible to give certain auth method to a group that contains say 20 users from AD? From all I looked at and what TAC checked, we never found a way.
I even reviewed carefully the document attached, but sadly, did not help. The reason why I posted this in the first place is because there is another customer who wants to use Radius soon, but they want to do it gradually...they dont want to move everyone at once. Also, even from vpn_auth screenshot I attached, I dont see option there either to assign specific users to desired auth method. Yes, there is option for common lookup type, but that does absolutely nothing.
If anyone had any suggestions, I would so greatly appreciate it.
Thanks as always!