I have an ASA that speaks to a Microsoft LDAP server to authenticate users via phone calls.
It works fine, for both SSH and the ASDM.
However, for the ASDM, only one 2FA call is required to make configuration edits, but for SSH it seems to require ...