04-25-2019 03:11 AM
We have a few windows servers, that run desktop legacy apps
these apps currently run on a limited account, and if any issues the oncall engineer can log in and restart etc…
does anyone have a work around with duo how we can setup this?
example:
user1 - duo user
user2 - duo user
appuser - this needs to shared to the other accounts, but run in this users profile
04-25-2019 05:21 AM
Hi adencool, what are you trying to work around exactly?
Do you want all of those users to be prompted to complete Duo 2FA?
04-26-2019 04:28 AM
Hi mkorovesisduo
yes ideally. as i understood once installed all users will required to do duo 2fa? or is it the case if say “appuser” is not mapped to a duo user, then they will not get prompted for duo 2fa?
04-26-2019 05:54 AM
Whether or not a user will be prompted for 2FA after you have protected an application with Duo depends on a variety of Duo policies and administrative controls.
For example, you can configure a Group Access Policy to control whether users within a specific Duo group are prompted for 2FA. Alternatively, you can set a Duo user’s status to Bypass, which would allow them to access any Duo-protected application without completing 2FA.
However, the default behavior for any Duo-protected application without modifying any policies or administrative settings is to prompt users for 2FA or prompt them to enroll. Note that if you are using our Duo Authentication for Windows Logon and RDP integration, users cannot be prompted to enroll via the Duo Windows prompt. You will have to add them to your Duo user database by other means.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide