After first login using Workspace, the password fields are changed to Password1 and Password2 and switched to Radius then LDAP.

LDAP + Radius DUO works fine on browsers but on Workspace, only the first login shows password/passcode using LDAP first and Radius second. Subsequent logins give Password1 and Password2 and you have to enter Radius token first with LDAP secondary; if you try to enter LDAP first and RADIUS token second, auth will fail.

If you enter LDAP password then RADIUS token, then in a trace for POST to /cgi/login you will see that the form items are reversed and passwd, which should be your LDAP password is your Token instead. You will also see that passwd1 which should be the Token is your LDAP password instead.


  • No Related Posts

Leave a Reply