We are in the process of trying to reconfigure our Duo 2FA environment / Sonicwall SMA410.
We are currently have the Duo / SMA configured using Radius & a Windows 2019 NPS server.
We currently have the routing setup to route across several offices & also each suer can currently see the remote desktop bookmark for all offices.
We want to be able to restrict access to the bookmark / routes based on AD group membership. So if a user is a member of 1office group they will see the bookmark and have the ability to route & see the bookmark for that office group.
Is there a way to get our AD groups to apply within the radius/duo setup? Radius tagging could be used but this could get very involved as we have 30+ AD groups
Is there a way to pass AD group membership Via Duo to the SMA?