I'm having trouble setting up the F5 BIG-IP APM
I would like to use the OTP authentication function that F5 BIG-IP APM has as standard.
I want to send the OTP to the email address of the mobile phone registered in Active Directory.
Has anyone ever made such a setting?
please give me your wisdom.
Which DB do you expect to find your email address?
Usually, people stores email and phone information in the AD and APM can get both using a LDAP query.
VPE policy should look like this:
- LDAP query to get email
- Generate OTP code
- Send an email with the previous code
- Use a logon page to ask for that code
- Verify the code