We have one user that belongs to two different ldap groups. One group have "ldap" authentication and the other have "ldap+radius". I would expect that CA PAM would choose the most stronger but it's not the case. From my tests, the user can only login using ldap. If it uses ldap+radius , on the CA PAM Client, he can't login .
Is there a way to change between authentication types without having to remove this user from one of the groups?
Thanks in advance