Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,
We are using DUO Wondows logon 3.1.1 to enable MFA for our Jump servers. Is it necessary that, users who need to authenticate to those Jump servers should be under the GPO policy “Allow logon locally”.
we have around 500 users who need access to ...
We have intergrated CyberArk with DUO. We are using ldap for first level authentication.
When we connect to ldap directly from CyberArk on 636 SSL port, it is working fine. But when we replace the hostname with DUO server name, it gives bellow error....
Hi Kristina,
We got certificate and key issued for duo server with the Duo proxy server hostname as the subject or subject alternate name. Added the cert (ssl_cert_path ) and key(ssl_key_path) details in .pem format under [ldap_server_auto]section. ...
With 389 it is working perfectly. Only, with 636 is the problem. In Cyberark server, we see below error in windows event viewer log.
*** The certificate received from the remote server does not contain the expected name. It is therefore not possible ...
Hi Kristina,
We have checked the DUO documentation and configured the authproxy.cfg. We gave the SSL cert and key file for ldap.
Debug is enabled but we don’t see any logs for the error in duo logs. Only error we could see is in CyberArk event viewer...
