I’m investigating setting up Citrix Unified Gateway in NS 11.1 using Duo for 2FA. Before setting up Duo auth, I used standard LDAP authentication, which allowed me to add an additional field (mail) for use with SSO logins to Citrix Sharefile. Sharefile uses email instead of usernames for SSO login, so you can either have users log in with their email address, or you can use standard username and pass an additional LDAP attribute (mail) for SSO. I was able to successfully set up SSO into Sharefile from the UG portal using basic LDAP authentication on the Netscaler. Once I enabled Duo authentication, however, this ceased to work. I realized that it was likely because the mail attribute was no longer being passed. Reading some of the various setup guides I saw a parameter pass_through_all=true that I have added to my radius_server_iframe and _auto sections of my authproxy.cfg file to no avail. Is there a way to pass that particular LDAP attribute using Duo login?