Subject: How to successfully install Cisco Duo Security 2FA MFA in Windows Server using Active Directory Group Policy Objects (GPO)
I have finally solved the problem on 4 May 2022 Wednesday morning in Singapore.
These are what you have to do.
Refer to the following guide.
Reference guide: Duo Authentication for Windows Logon (RDP) - Active Directory Group Policy
Create the 1st Group Policy Object (GPO) using the above guide, under the section "Creating the Duo Authentication for Windows Logon GPO".
DO NOT create the 2nd Group Policy Object (GPO) under the section "Deploying Duo Authentication for Windows Logon to clients using Active Directory". This is because Cisco Duo Group Policy MSI installer (.msi) is incompatible with and cannot install on Windows Servers. The MSI installer only installs on domain member workstations like Windows 8, Windows 10, and Windows 11.
Since my task is to install Cisco Duo client on Windows Server 2012 R2 Datacenter, I repeat, DO NOT create the 2nd Group Policy Object (GPO).
Download and install the Cisco Duo client (.exe) and follow the instructions from the following guide.
Reference guide: Duo Authentication for Windows Logon and RDP
That's all. You have successfully installed Cisco Duo client on Windows Server 2012 R2 Datacenter, which is a domain member server.
I have figured out all of these on my own.
Mr. Turritopsis Dohrnii Teo En Ming
5 May 2022 Thursday