Separate LDAP integrations on the same proxy


#1

How do i config ldap_server_auto to use two different integrations on the same duo proxy?

I have my ad_client, and ad_client2 scoped to different search dn’s, and I have tried ldap_server_auto and ldap_server_auto2, and also tried port=390/ssl_port=637 on the second ldap config section, but the service won’t start.


#2

Your approach sounds correct.

If you’re running the proxy on Windows, check the Application Event Viewer and look for an Error from the source “DuoAuthProxy”. It should tell you which line of your config is causing an issue. On Linux, running /opt/duoauthproxy/bin/authproxyctl start on the command line will output any errors.

You’re welcome to paste the contents of your authproxy.cfg file here, stripping out any sensitive information (like your Duo ikey/skey, or ad_client password).