Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I recently set up a Duo Authentication Proxy server.
The primary authentication server supports plain authentication only, so I had to establish ldaps (or starttls) for the transport.
To do that, I have to set ssl_ca_certs_file to a path pointing to ...
I’m trying to set up a Duo Authentication Proxy server and while I’ve made some progress, I’ve just run into an issue I can’t find documented anywhere.
We’re using the proxy so we can use Duo for vSphere (6.7).
vSphere is set up with an identity sour...
Looks like this was a known security flaw, and it was fixed in 5.1.0 .
Duo Security
Authentication Proxy - Release Notes
Duo’s trusted access solution enables organizations to secure access to all work applications, for ...
I wasn’t sure what was needed, exactly, so I copied the whole chain.
Regardless, the file doesn’t seem to do anything. If I create an entirely blank text file and point ssl_ca_certs_file to it, then restart the DuoAuthProxy service, everything still...
For our application (vSphere), it appears that it was a simple matter of choosing the attribute that does not include @ instead of the one that does. Or we could have requested normalization be enabled in our Admin Panel (we don’t have direct access...
The problem is all of our users already do exist in Duo.
I don’t have access to our Duo Admin Panel (I have to go through a ticketing system to request the iKey, sKey, and API Hostname), but this has been a recurring problem in our deployments. User...
It seems that the error message is referring to not finding the Duo username among the default set of returned attributes from the LDAP search request.
I found that adding username_attribute=<Our Principal Attribute, user@org.domain> and at_attribute...
