I think I've found a bug with the handling of auto provisioned Yubikeys and case sensitive login names. I am using Yubiradius 3.5.4 however do not see this mentioned in the changelog for Yubiradius 3.6.0 unless its under "Additional Bug Fixes". If this is fixed in the latest version then my apologies.
Symptoms: For some users who are using an "Auto Provisioned" Yubikey the Yubikey is not shown in the Yubiradius administration page. The Yubikey can not be assigned to any other user ("Error in adding the key mapping : The User with tokan id abcdefgh.... is already assigned") but also can not be seen to unassign it from the current user. Searching by the YubikeyID yields no results.
(also typo in that error message "tokan")
To reproduce: Find any user in active directory with an upper and lower case logon name (eg JSmith). Enable auto provision of Yubikeys and hand that user a fresh Yubikey. ask them to try and log in with their username in all lowercase (eg jsmith). They will be able to log in using that Yubikey without problems and it will be assigned to their user name however the Yubiradius webmin page will not show them having any Yubikey assigned.
To work around: Change the logon name in active directory to all lowercase, re import the user and the Yubikey ID will appear next to their name. You can now unassign, search for the ID and find it etc.
Is there a way to make YubiRadius non case sensitive since that is how Active Directory works? That would bypass this issue nicely. Alternatively if fixed in 3.6.0 then please let me know and I'll find the time to upgrade.
Cheers,
Neal.
)