11-10-2020 03:36 AM
Hi,
I would like to check whether setting the global policy to bypass 2fa and not enroll, should still show a logon box for users to authenticate to, when securing 365 with the DAG, even though they then bypass 2fa correctly?
Reason I ask, is with securing RDweb with the same global policy manages to pass without a logon box.
Thanks in advance
Chris
Solved! Go to Solution.
11-10-2020 09:40 AM
Yes, since the Duo Access Gateway is the identity provider, users must still provide their primary username and password even if they can then bypass 2FA. DAG does not support integrated Windows logon (pass-through of desktop credentials) like RD Web can (and I’m guessing you have configured RD Web for integrated auth if you do not see a primary login prompt).
11-10-2020 09:40 AM
Yes, since the Duo Access Gateway is the identity provider, users must still provide their primary username and password even if they can then bypass 2FA. DAG does not support integrated Windows logon (pass-through of desktop credentials) like RD Web can (and I’m guessing you have configured RD Web for integrated auth if you do not see a primary login prompt).
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: