Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1078
Views
0
Helpful
2
Replies

Specific AD group in Duo Auth proxy

Asfandyar70754
Level 1
Level 1

‎11-20-2021 07:01 AM

Hey guys,
I have implemented Duo for Vpn users, but I am facing some difficulty.

I have 2 groups in my AD and 1 group is for Vpn users and other is not, So while making the Duo Auth proxy we do give AD’s IP address but I wanted to know if there is some way to specify in Duo Auth Proxy to use only specified group for authentication.

After implementation Duo non Vpn user group were able to use Vpn for some reason and I want to limit that, I only want to give speific group detail to auth proxy, is it possible?

Labels:
0 Helpful
2 Replies 2

Antony GALLEZ
Level 1
Level 1

‎11-22-2021 05:30 AM

Hello,

You may decide in your sync to restrict the groups you want to import in Duo.

And depending the application type you use, you should be able to restrict it to groups.

HTH,
Antony

0 Helpful

DuoKristina
Cisco Employee
Cisco Employee

‎11-23-2021 03:18 PM

If you want to permit only members of a specified group to authenticate you could use the ad_client security_group_dn or ldap_filter options to restrict to that group.

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents