
Trusted Endpoint for RDP authentication

kivenage
Level 1

I’m trying to figure out if the following scenario is possible:

I have 2 session hosts with RDP auth agents installed. I would like for:

  • enrolled users who are on trusted laptops, bypass DUO 2FA, log in with AD creds
  • enrolled users on untrusted laptops/desktops, challenged with AD creds and DUO 2FA

Articles I’ve read so far seem to cover only online apps/browser-based applications, and even with the DUO certificate installed on a trusted device, the DUO challenge is still being prompted.

1 Reply

DuoKristina
Cisco Employee

No, this is not possible today for two reasons:

  • As you observed, the Trusted Endpoints feature supports browser authentication to applications, not local Windows logons.
  • Additionally, the Duo trust certificate is not used to determine whether a user must perform 2FA or not.

Feel free to contact your Duo account executive or customer success manager (if you have one), or Duo support, to submit a feature request for trusted access for Windows logon and/or 2FA bypass for trusted devices.

Duo, not DUO.