Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
259
Views
0
Helpful
1
Replies

User synchronization with Duo

msbang
Frequent Visitor
Frequent Visitor

‎05-07-2026 10:33 PM

We have currently integrated Duo with Secure Access for testing purposes. However, it seems that only some of the user information created in Duo is being synchronized, while the remaining users are not syncing properly. What could be causing this issue?

We have also integrated it with AD for testing, but the users imported from AD are also not being synchronized to Secure Access. Is there any specific reason for this?

Please help us.

Labels:
0 Helpful
1 Reply 1

Ivan Gonzalez
Cisco Employee
Cisco Employee

‎05-08-2026 08:38 AM

Hello,

It sounds a like a potential configuration issue on the application within Duo, have you checked the informaation about limitations and best practices from Secure Access just to validate everything is properly configured https://securitydocs.cisco.com/docs/csa/olh/136532.dita the things I would highlight to be reviewed are:

  • Secure Access supports provisioning a maximum of 1000 groups from Duo. Any groups beyond this number that are in scope are not provisioned. Secure Access does not restrict the number of users that you can provision from Duo. For more information, see Limitations and Range Limits.
  • To ensure that all users are provisioned, assign the Everyone group to the Cisco Secure Access app. You can push other additional groups for group-based Secure Access rule enforcement.
  • Duo does not support nested groups.
  • If you previously imported groups from the on-premises AD and push the same groups from Duo, the groups from Duo do not overwrite the groups imported from the on-premises AD. You must reassign any group-based Secure Access policy rules to the groups imported from Duo.

The appropiate attribute mapping is very important as well https://securitydocs.cisco.com/docs/csa/olh/136568.dita:

IvanGonzalez_0-1778254575981.png

Also, to review if there are any errors on some of the groups getting synced, could check the "Recent Logs" section withing the "Provisioning" tab whithin the Secure Access Provisioning App in Duo Dashboard.

 

 

0 Helpful
Customers Also Viewed These Support Documents