Due to the rise in Ransomware, Hijacking, Cryptojacking, etc. we have made it a requirement for Duo on all servers. We have made this script available as a product to use in your environments as well (*Script is no longer free*)
This script will deploy the Duo Windows/RDP Authentication agent to the device(s) you select. There are a number of variables, or arguments, that are pre-set for you but it has been configured so that they are easily changed. The description in the script, once imported, displays these instructions as well. For a list of arguments: https://help.duo.com/s/article/1090?language=en_US Help article
- If you are feeling kind, please donate. It helps support development time for providing free scripts: https://comertechnology.com/product/donation/
- Download the following script: https://drive.google.com/open?id=14Y0-JmmkqRWRPbiQ_cWTwN8sScguVWH8
- Go System > General > Import > XML Expansion.
- Browse to the file and select it.
- Accept the prompt.
- Go to Browser > Clients. Double click the desired Client
- Under Info > Duo settings. Provide the following information (which you can get from the configured Application in Duo)
- Integration Key
- Secret Key
- API Host
- Run script against the servers at the client.
- Login and verify you are being prompted by Duo.
Defaults and Modifications
The script is currently configured with the following default arguments:
- AutoPush is enabled
- FailOpen is enabled
- RDPOnly is disabled (will work for all logins – console and remote)
- EmableOffline is enabled.
To modify any of these configurations, open the script: !Custom > !Custom – SW – Deploy Duo Windows Authentication
Modify the following lines: 27-34