Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1013
Views
1
Helpful
1
Replies

RRAS SSTP with UserPrincipalName

Go to solution
susse77
Level 1
Level 1

‎09-15-2021 02:51 AM

We have DUO Authentication working for RRAS (SSTP) on Server 2019 by use of the pre windows 2000 logins. We would like to have it to work with the userprincipalname. For that we have a directory sync in the portal that uses this and that part seems ok.

In the authproxy cfg we have a line under [ad client] that also states to pick the userprincipalname.

Yet, when using a windows 10 desktop to connect to the vpn, only logging in with samaccountname works (wich is setup under directory sync as alias 1).

Some advice would be welcome.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
susse77
Level 1
Level 1

‎09-15-2021 12:31 PM

Found it!

Add the following to the authproxy.cfg under [ad_client]

username_attribute=userPrincipalName

Go to the duo portal > applications and edit your application to set Username normalization to NONE.

Last bit it to add a username alias under directory sync and bind it to userprincipalname.

Wrote it down in Dutch on DUO MFA voor SSTP VPN met UPN – Steijvers.com

View solution in original post

1 Reply 1

Go to solution
susse77
Level 1
Level 1

‎09-15-2021 12:31 PM

Found it!

Add the following to the authproxy.cfg under [ad_client]

username_attribute=userPrincipalName

Go to the duo portal > applications and edit your application to set Username normalization to NONE.

Last bit it to add a username alias under directory sync and bind it to userprincipalname.

Wrote it down in Dutch on DUO MFA voor SSTP VPN met UPN – Steijvers.com

Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents