Pre-Provision Offline Codes for RDP/Windows RDP?

Once a user has enrolled their device we’d like to be able to pre-provision offline access to certain windows computers. Currently, users must independently complete the offline-access wizard upon their first login to a computer which has the Duo for Windows/RDP client installed.

Here’s what would be helpful:

Ability to create an offline access entry for a user & computer pairing via the admin console and have that pushed down to both their Duo app as well as the target Windows computer:

  • The new offline code entry would automatically appear in their Duo app (e.g “John’s Desktop”).
  • The corresponding registry entries would automatically appear under the “HKLM\Software\Duo Security\DuoCredProv\Offline” keay on the target computer.

This would help us greatly with large-scale deployments of Windows laptops and would help us to ensure a standard naming convention for all of the entries in the Duo app