DUO MFA and username with a space

Showing results for 
Show  only  | Search instead for 
Did you mean: 

DUO MFA and username with a space

L0 Member

8.1.2 platform

LDAP user with a space in the username "john smith@ldap.com"

Auth profile with sAMAccountName working fine for "john smith" tested from cli

GlobalProtect with single factor LDAP auth working fine externally for "john smith"

Auth policy for MFA to duo push working fine for "test.user" but not for "john smith"

Aliases tried but just doesnt work for Duo push when there is a space in the username.

There's no failed auth attempt logged in Duo but you dont get that much logging information from Duo so short of a PCAP, not sure if the problem is Palo not sending the auth request or Duo not liking it. 


Anybody else got this working?

I tried creating a local user on lab firewall but it doesnt allow a space in username. Traffic logs will look different since the auth fails somewhere but which log will show if the Palo sends the auth in the same way? Or is it a TLS decrypted PCAP of the API required?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!