How does DUO work with PDQ?
Because of cyber insurance reasons we need to setup MFA for all admins RDP and local login. I'm concerned that this may prohibit the ability to push out and install packages using the PDQ admin account. For example if I push a package to a workstation that has the DUO client will it timeout because there was no MFA? Or does it not prompt on unattended installs? Does it work differently if it's Pull vs Push?
I just want to know what I'm getting myself into before I dive in. Thanks!
1
Comments
Michael,
Don't quote me on this but I think it would still work. PDQ Deploy installs software essentially under a service account, not using a live interactive session. I do not think that would be subject to your MFA rules for RDP and local login.
Again, I could be mistaken as I haven't tested this.
The Duo Client for Windows protects logins or interactive UAC prompts. You can read more about what it will do and not do at the top of this page: https://duo.com/docs/rdp
It's fine. I'm undergoing the same process and DUO doesn't interfere with any PDQ activities. I'm also using PDQ to deploy the DUO client :)
Thanks guys! I appreciate the comments and reassuring me it won't be a problem.