06-18-2018 08:14 AM
Hi,
We are using DUO Wondows logon 3.1.1 to enable MFA for our Jump servers. Is it necessary that, users who need to authenticate to those Jump servers should be under the GPO policy “Allow logon locally”.
we have around 500 users who need access to the servers (joined to organization’s domain), so should 500 users be added manually or domain GPO policy?
Anyway, we can bypass this without changing the domain GPO policies?
Regards,
Lavanya G
Solved! Go to Solution.
06-18-2018 08:44 AM
Yes, any user who will be logging into your jump server where Duo is installed needs the “Allow logon locally” right.
If the domain policy overrides local policy then yes, you must edit the domain policy.
The easiest way to grant this right to 500 users is to put them in a group and grant the right to the group in your GPO.
06-18-2018 08:44 AM
Yes, any user who will be logging into your jump server where Duo is installed needs the “Allow logon locally” right.
If the domain policy overrides local policy then yes, you must edit the domain policy.
The easiest way to grant this right to 500 users is to put them in a group and grant the right to the group in your GPO.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: