Custom Scenario help

Integration / Auth Clients
1

Hi, this is my actual scenario:
1 vm UCS server ad AD/LDAP server
1 vm PrivacyIDEA conntacted to UCS as Realm and hosts resolver
1 external application that use UCS LDAP for users authentication.

Can I ask a privacyIDEA 2FA every time that user asks to authenticate in external application?
external application have only AD or LDAP connector.

if it is possible, how?

Thank you
Regards

2

may be ldap proxy - GitHub - privacyidea/privacyidea-ldap-proxy: LDAP Proxy to intercept LDAP binds and authenticate against privacyIDEA is that what you need? with it PI act as ldap server.
But I think it needs paid subsription if you have more than 50 users.