We enabled the 'SMS or Email authentication mechanism choice' (OTPCollect) page to allow the user to choose the way the One-Time passcode is delivered. One observation: for this to work, the user needs to have a mobile number set in LDAP before login, or else it gives an error that the mobile number is not set.
Is it possible, in the case where the mobile number is not set, for the flow to allow the user to enter a mobile number after choosing the SMS option? Some users do not have a mobile number set in LDAP, and we don't want an error for those users when logging in.
Can this be done out of the box, or what customization is needed?
Release: 9.1
CA Risk Authentication
CA Strong Authentication
From the Advanced Authentication product perspective, we only do READ operations against external repositories like AD/LDAP; we cannot do any write operations. So if the Mobile number attribute is not set on the AD/LDAP side, the product will complain, and since we cannot update anything in AD/LDAP, even if we prompt for the number, updating the Mobile number attribute will fail.
With customization you can achieve the use case, e.g. you can check whether the attribute is already set or not and show the options (Email OTP or Mobile OTP) based on that. Another option you might already have thought through is to update the Mobile attribute for all users so this does not happen.
If you want to update the Mobile attribute in AD/LDAP, then you have to make a call outside of the AA product to update the attribute in AD/LDAP. If the user base is a database, then you would already have seen that option, as in that case we can update the attribute in the DB; configuration-wise you just need to enable the Mobile SMS OTP option, and in the flow it will ask for the Mobile Number. For external repositories, that option is not provided by the product.