Folks, I’ve been asked to evaluate advantages of moving from an already installed ADFS4 infrastructure to using Duo’s DAG product for office 365 auth. After reviewing the doc’s and watching the DAG install support video I’m having a hard time seeing why this would be a good option.
The main reason for our switch is to provide better support for legacy mail clients, and from what I can gather, the DAG only provides a way to implement a exception group, allowing those contained users to bypass. (which could be done with a rule in ADFS as well). NOT an application password.
If you have made this comparison yourself, we would like to hear your advice!