Reference Material | Duo Security
Configuring Duo Security with Specops Authentication for uReset will extend Duo Security’s two-factor authentication system to uReset users. The configuration must be completed from the same computer running the Gatekeeper.
Configure Duo Security with uReset
Pre-requisites: The Owner, Administrator, or Application Manager Administrative Roles are required in Duo.
- Login to the Specops Authentication web: https://login.specopssoft.com/authentication/admin
- From the uReset menu, enable Duo in the policy.
- Click Identity Services from the top menu.
- Select Duo.
- Log into the Duo Admin Panel.
- Click Applications in the left sidebar, then click Protect an Application.
- A page with a list of the different types of services that can be integrated with Duo will appear. Find Web SDK, and click Protect this Application.
- The Details section will display the Integration key, Secret key, and API hostname. Copy the details into their corresponding field on the Specops Authentication web.
- Click Test Connection to validate the settings, and click OK.
- Return to the Duo Admin Panel, and scroll down to the Settings > General. Enter a name for the application, for example Specops Authentication. This name will be displayed to users when authenticating with O365 using Duo Security.
- Configure the General Settings, Global Policy, or create a new policy, as you see fit.
Note: If Allow Access or Deny Access is enabled in the New User Policy setting, unenrolled users will not be permitted access to authenticate with Duo Security during a password reset.
- Specify the user attribute in Active Directory that is used during directory sync. By default, the Duo username is stored on the samAccountName. If Duo Security is enabled in the policy, all affected users will be enrolled with Duo Security on Specops Authentication. Enrollment with Duo Security is required before it can be used with Specops Authentication for uReset.