DUO Proxy installed on Domain Controller


#1

Hello. Is it supported to run the proxy directly on the domain controller? I’m trying to minimize the server foot print.

I have everything configured for LDAP and connectivity checks out ok via the connectivity_tool. The log does tell me that obviously something is already bound to 389. Is it possible to change the port the duo listens on? I can then specify the port in my client config.


#2

We do not recommend this for a variety of reasons, one being the issue you describe (where ports are already in use).

You can change the port that the Duo proxy uses for incoming LDAP requests in the authproxy.cfg file using the port= setting, which is mentioned in that KB article linked above and also documented in the Duo Authentication Proxy reference.