Duo Authentication Proxy ad_client configuration

Hi,

In order to integrate my Duo AuthProxy with AD, we need to config the following:

[ad_client]
host=1.2.3.4
host_2=1.2.3.5
service_account_username=duoservice
service_account_password=password1
search_dn=DC=example,DC=com
security_group_dn=CN=DuoVPNUsers,OU=Groups,DC=example,DC=com

In the above config, I have some queries:

  1. Does the ‘service_account_username’ needs to be an administrator privileged ad user?
  2. Can I encrypt the ‘service_account_password’? It’s written in a clear text so I am a bit worried.
  1. No need to have admin privileged ad user.
  2. More details on how to encrypt password or any secret data can be found at the URL below
    https://help.duo.com/s/article/2340?language=en_US
1 Like

@Chandrashekhar_B_Ran, Thanks a lot :+1: