Cisco DUO is a multi factor authentication platform. It provide multiple ways to do single sign on. One of the way is to integrate Cisco DUO with active directory. Cisco DUO provide easy and consistent login experience for every application weather they are located on cloud or on-premises. In this post will see how DUO integration with Active directory can be done to provide SSO (single sign-on) capability.
Configuration steps to integrate Cisco DUO with active directory.
Step 1> Define Authentication sources
1> Navigate to Single Sign-On tab and click on Add sources
Two options would be given to the end user for single sign on it can be done using active directory or using some SAML IDP. Click on Add active directory.
Once we click on Add an Active directory, It will list down all the steps we need to do.
2> First step we need to do is install authentication proxy. Click on Add authentication proxy
The installer for authentication proxy can be downloaded from the page and there is configuration given in the page which need to be configured on the authentication proxy installed on the domain controller.
3> Install the DUO authentication proxy on a domain controller or on a machine joined to the domain using the exe file downloaded in previous step.
Once the Duo authentication proxy Manger opens up we need to enter the details provided on the page to configure duo auth proxy.
4> Copy the CLI command given on DUO portal and run on the admin cmd of the machine where DUO authentication proxy is installed.
5> Run the test option given on DUO portal
Click on go back to configuration
6> Enter AD details and click save
7> Test the configuration by clicking on Run tests.
Test result can be see as below
With this we have done successful integration of Cisco duo with active directory for SSO. The integration can be used in various application protected by DUO.