Hi All, is anyone using Wintegrate in conjunction with MFA? We're looking to implement DUO to do Radius based authentication. 
We are using Wintegrate v6.3.6 (Local Clients) to connect to Unidata for Windows (8.2.1. build 9104).
I'm thinking we'd login in via Wintegrate as usual, but within the login voc we'd interact with DUO at that stage to do a push to mobile devices etc. for verification.
I'd be interested to know if any other users have this in place.
------------------------------
Norrie Steele
Mainetti UK Limited
------------------------------
        
            Page 1 / 1 
    Hi All, is anyone using Wintegrate in conjunction with MFA? We're looking to implement DUO to do Radius based authentication. 
We are using Wintegrate v6.3.6 (Local Clients) to connect to Unidata for Windows (8.2.1. build 9104).
I'm thinking we'd login in via Wintegrate as usual, but within the login voc we'd interact with DUO at that stage to do a push to mobile devices etc. for verification.
I'd be interested to know if any other users have this in place.
------------------------------
Norrie Steele
Mainetti UK Limited
------------------------------
We are using Wintegrate v6.3.6 (Local Clients) to connect to Unidata for Windows (8.2.1. build 9104).
I'm thinking we'd login in via Wintegrate as usual, but within the login voc we'd interact with DUO at that stage to do a push to mobile devices etc. for verification.
I'd be interested to know if any other users have this in place.
------------------------------
Norrie Steele
Mainetti UK Limited
------------------------------
I can't speak for how many others out there may be using MFA with wIntegrate. We (Rocket U2) may be looking at a true MFA solution for the U2 databases in the coming future that would work with telnet, which I assume you are using on Windows. Sounds like you are planning on a 3rd party solution, but the other option available now would be using U2 Python to send SMS authentication codes as 2FA to allow logon. Let me know if you would like some more information on that topic and I can see if our U2 Python expert can follow up with you.
Also, if you are using SSL telnet with wIntegrate, then I would suggest an upgrade from the 6.3.6 version to the latest 6.4.4 release of wIntegrate. 6.3.7 was the first version to begin support of the TLSv1.1 and TLSv1.2 protocols, so you will only have up to TLSv1 available in the 6.3.6 version, which isn't the most secure today and won't meet most security mandates. TLSv1.3 is being considered for an upcoming release.
Kind Regards,
Michael Belme
Rocket U2 Support
------------------------------
Michael Belme
Rocket Software
------------------------------
Hi Norrie,
I can't speak for how many others out there may be using MFA with wIntegrate. We (Rocket U2) may be looking at a true MFA solution for the U2 databases in the coming future that would work with telnet, which I assume you are using on Windows. Sounds like you are planning on a 3rd party solution, but the other option available now would be using U2 Python to send SMS authentication codes as 2FA to allow logon. Let me know if you would like some more information on that topic and I can see if our U2 Python expert can follow up with you.
Also, if you are using SSL telnet with wIntegrate, then I would suggest an upgrade from the 6.3.6 version to the latest 6.4.4 release of wIntegrate. 6.3.7 was the first version to begin support of the TLSv1.1 and TLSv1.2 protocols, so you will only have up to TLSv1 available in the 6.3.6 version, which isn't the most secure today and won't meet most security mandates. TLSv1.3 is being considered for an upcoming release.
Kind Regards,
Michael Belme
Rocket U2 Support
------------------------------
Michael Belme
Rocket Software
------------------------------
I can't speak for how many others out there may be using MFA with wIntegrate. We (Rocket U2) may be looking at a true MFA solution for the U2 databases in the coming future that would work with telnet, which I assume you are using on Windows. Sounds like you are planning on a 3rd party solution, but the other option available now would be using U2 Python to send SMS authentication codes as 2FA to allow logon. Let me know if you would like some more information on that topic and I can see if our U2 Python expert can follow up with you.
Also, if you are using SSL telnet with wIntegrate, then I would suggest an upgrade from the 6.3.6 version to the latest 6.4.4 release of wIntegrate. 6.3.7 was the first version to begin support of the TLSv1.1 and TLSv1.2 protocols, so you will only have up to TLSv1 available in the 6.3.6 version, which isn't the most secure today and won't meet most security mandates. TLSv1.3 is being considered for an upcoming release.
Kind Regards,
Michael Belme
Rocket U2 Support
------------------------------
Michael Belme
Rocket Software
------------------------------
Thanks very much for your reply. I've read the article below on sending SMS via python and it maybe an option, however I would have preferred you use a push notification to an app rather than SMS.
https://blog.rocketsoftware.com/multivalue/2020/06/how-to-send-sms-text-messages-from-u2-with-python/
I'm going to try the DUO Authentication for AD to see if this gives me what I'm after.
https://duo.com/docs/winlogon-gpo
I'll update this thread with the results.
Kind regards,
Norrie.
------------------------------
Norrie Steele
ERP Systems Administrator
Mainetti UK Limited
Jedburgh United Kingdom
------------------------------
Sign up
Already have an account? Login
Welcome to the Rocket Forum!
Please log in or register:
Employee Login | Registration Member Login | RegistrationEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.

