We currently use Duo Logon (Windows/Mac/Linux) for 2FA on all end points because it has an "offline" option on Windows and Linux as well as supports RDP and SSH, which ADSSP Client MFA does not support. However, we would like to add the ADSSP Client / GINA support for our users at the desktop login screens in order to allow users to reset their passwords from the login screen.
We are using ADSSP 6111 and Duo Logon Windows (22.214.171.1248), Mac
I have attempted on one Windows machine following the documentation here (Which BTW was terribly hard to find and not included in the regular documentation that I could find): https://download.manageengine.com/products/self-service-password/integration-with-third-party-winlogon-extensions.pdf
. and here for Duo: https://help.duo.com/s/article/4041?language=en_US. However, after following the documentation in both locations to attempt to get it to work, which some of it didn't seem to apply correctly, I do not see the option on the login screen that allows the password reset. I believe I have Duo configured correctly on Windows, but believe there is some missing configuration piece. The one thing that seems incorrect in the documentation, for the latest release of the ADSSP client is the "For GINA" section. It talks about adding a reference to ADSSPGina.dll, but this dll does not exist in the installation.
I am wondering, before proceeding with the setup, what the interaction will be with the Duo Mac Logon client. There does not seem to be any setup options that allows the two to interact. Will they interact correctly if there are multiple login authenticators?