Once a user has enrolled their device we’d like to be able to pre-provision offline access to certain windows computers. Currently, users must independently complete the offline-access wizard upon their first login to a computer which has the Duo for Windows/RDP client installed.
Here’s what would be helpful:
Ability to create an offline access entry for a user & computer pairing via the admin console and have that pushed down to both their Duo app as well as the target Windows computer:
- The new offline code entry would automatically appear in their Duo app (e.g “John’s Desktop”).
- The corresponding registry entries would automatically appear under the “HKLM\Software\Duo Security\DuoCredProv\Offline” keay on the target computer.
This would help us greatly with large-scale deployments of Windows laptops and would help us to ensure a standard naming convention for all of the entries in the Duo app