Hello, we are currently using the DUO MFA RADIUS server for our primary authentication method for a particular user realm. An Active Directory server is configured as the secondary authentication method. Is there any way to configure Role Mapping such that we can query the user group from the secondary authentication method (AD) in our role mapping rule? We would like to avoid individually adding users using a "Rule based on: Username" rule.
It seems that the Group Membership option to create a rule only works when AD is the primary authentication method. Any way to get this done by perhaps a user attribute when our AD server is secondary? The secondary authentication method is configured specifically as an AD server, not LDAP