![]() This integration relies on having the Duo Device Health app present on your Jamf-managed endpoints. On the "New Account" page, set the "Access Level" to Full Access.If the search found the correct user, click the Add button to the right of the LDAP user's information in the search results.Enter the LDAP username in the "Search Users" field of the "Search LDAP Directory Service" page and click Next.Enter and verify a password for the new user.Enter a username for the new account on the "New Account" page.If you chose to create a standard account: Select Create Standard Account or Add LDAP Account as desired, and then click Next. Log in to Jamf Pro as an administrator and click the Setting icon in the top-right.Ĭlick System Settings then click Jamf Pro User Accounts & Groups.Ĭlick New. You only need to create one Jamf API user for Duo to use with iOS and macOS. ![]() You must have previously configured LDAP directory services in Jamf in order to create a new LDAP account. Determine whether you plan to create a standard (local) account or an account from your LDAP directory before you begin. Create a Jamf API UserĬreate a read-only API user in Jamf for Duo to obtain managed macOS and iOS endpoint information. Access to the Jamf Pro Dashboard as an administrator with the rights to create roles, accounts, certificate authorities, and device profiles, and to create new policies and apply them to user targets.ĭuo's trusted endpoints solution supports both Jamf Cloud and on-premises Jamf Pro deployments.Access to the Duo Admin Panel as an administrator with the Owner, Administrator, or Application Manager administrative roles.RequirementsĮnsure you have the following access and privileges: Mobile Trusted Endpoints and Verified Duo Push: Trusted endpoint verification of iOS devices with Duo Mobile uses the standard Duo Push approval process and will not prompt for a Duo Push verification code, even if the effective authentication methods policy for the user and application has "Verified Duo Push" enabled. This guide walks you through Jamf configuration for macOS endpoint clients and iOS mobile devices. Trusted Endpoints is part of the Duo Essentials, Duo Advantage, and Duo Premier plans.īefore enabling the Trusted Endpoints policy on your applications, you'll need to establish API access from Duo to Jamf, then deploy Duo Mobile to your managed iOS devices, or deploy Duo Device Health to Windows and macOS managed systems. You can monitor access to your applications from trusted and untrusted devices, and optionally block access from unmanaged, untrusted devices. When a user authenticates via the Duo Prompt, we'll check for the presence of the Duo Device Health app or a Duo device certificate on that endpoint. Overviewĭuo's Trusted Endpoints feature secures your sensitive applications by ensuring that only known devices can access Duo protected services. Learn more about the end-of-life timeline and migration options in the Duo Trusted Endpoints Certificate Migration Guide. Migrate existing Jamf Certificate Deployment management integrations to Jamf with Device Health. Certificate-based Trusted Endpoint verification for Jamf will reach end-of-life in a future release. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |