Advanced Authentication 6.x
Advanced Authenttication - SaaS
Error returned: "Login failed, please try again."
Error is even returned with LDAP password login.
Logs show non-unique value for user name returned during user look up.
Problem user has two accounts in the directory, both with the same email address.
As stated in online documentation for "User Lookup Attributes," Advanced Authentication validates the specified attributes for an entered user name. See https://www.netiq.com/documentation/advanced-authentication-63/server-administrator-guide/data/add_ldap_repo.html#user_lookup_attr
Advanced Authentication will validate all of the specified attributes for each user. If the values for all listed attributes are not unique, Advanced Authentication will not be able to identify the user and login will fail.