Implementing Duo for Systems & Services

The following Duo installation and configuration instructions are for U-M IT staff who want to implement Duo two-factor for systems, servers, and services that they manage. Two-factor authentication is required for any U-M information system, server, or application that provides access to stored Protected Health Information (PHI).

Overview

Detailed Documentation

  • Duo Naming Conventions
    Describes the naming conventions to be used when setting up an application.The name of an application needs to clearly identify the application to which the user is authenticating.
  • Duo Non-Uniqname Account Management (Active Directory)
    Provides instructions for managing two-factor authentication using Duo for non-uniqname accounts in Active Directory (UMROOT). These accounts are used for administrative access (servers, desktops, users, and so on), vendor access (so vendors can provide support), and more.
  • Duo Unix SSH Installation Directions
    Installation instructions for Duo Unix SSH (Secure Shell). Follow these instructions to set up two-factor authentication with Duo for SSH on your Unix server.
  • Duo Windows RDP Installation Directions
    Installation steps for the Duo Windows RDP (Remote Desktop Protocol) client. Install this to set up two-factor authentication using Duo for your Windows server.