![]() ![]() ![]() These usernames must match to take advantage of Duo MFA for a particular user. If a username in Duo does not match a StrongDM username (which is typically an email address), you need to create an alias in Duo for that user. Duo username mismatch with StrongDM username # If using SSO, we recommend setting up MFA through your SSO provider to also trigger MFA prompts during user logins. In this scenario, your configured MFA only plays a role to re-authenticate users when the desktop app locks due to inactivity, not during normal login attempts. ![]() When you set up an SSO provider to authenticate with StrongDM and also enable MFA in the Admin UI, MFA prompts during logins do not occur. The following topics can help you troubleshoot any errors you receive while logging in. You may run into issues authenticating your StrongDM account with Duo MFA enabled. Once the enrollment steps are complete, the user can return to the StrongDM window to finalize the login process. When Duo MFA is enabled, the new user registration process halts when the user clicks the link in the invitation email, and then displays a link to the Duo self-enrollment process. Register a New User With Duo MFA Enabled # The process of logging in to the desktop app or the CLI with Duo MFA enabled is similarly altered. After entering the username and password, the login page contains a “Waiting for MFA…” message, which displays until the Duo challenge is accepted. The login process once Duo MFA is enabled includes only one change. Ensure that Test MFA is successful before activating MFA or your admin account may become locked out! ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |