Duo LInux two-factor and Windows AD domain users

We’ve implemented Duo two-factor authentication (pam_duo) on our Linux machines.

We’re looking into adding our Linux machines into our Windows active directory. After adding one of our Linux machines to our AD, I’ve noticed that the local user 2FA no longer is required when signing in but is required for admin privilege (sudo).

Is there a way still apply two-factor authentication for local and domain accounts?

For our domain users, we are authenticating with another third-party vendor.