When a user is added to AD with an email address the email otp method is auto enrolled. Furthermore, when the email address attribute is removed from AD on a user the email otp auto enrollment is retained but the email address is removed from AAF. When the email otp auto enrollment has no email address the user is not able to do any of the following things with that enrollment:
1. Test the enrollment in the enrollment portal
2. See email otp as an available authentication method in the windows client, aaf saml/osp auth, or aaf portal.