Issue with Microsoft ADFS + DUO + VMware vSphere


I’ve recently started a new DUO account to trial a setup with DUO, Microsoft ADFS and VMware vSphere.

Currently the base setup (ADFS+vSphere) is deployed and working alright, meaning that vSphere is able to authenticate through ADFS. But as soon as I introduce DUO into the equation, I get the following error in ADFS:

• Error details: MSIS7065: There are no registered protocol handlers on path /adfs/oauth2/authorize/ to process the incoming request.

The setup has the following versions:

• vSphere 7.0.3.00700
• Windows Server 2019 with ADFS
• DUO duo-adfs3-2.0.0

To be clear, I do receive the pop-up on my device from DUO when attempting to log in, and the redirect to DUO (api-XXXXXXXX.duosecurity.com in my case) is working; the issue seems to be when returning to ADFS: I get the above error.

It’s not clear to me where (in what component) the error is.

I’ve seen a blog post from VMware stating that this setup works (https://blogs.vmware.com/customer-experience-and-success/2022/06/tam-lab-enabling-mfa-in-vsphere-7.html) but it is from June 2022, when frameless DUO still wasn’t implemented.

The implementation also follows the blog post above, or rather, the videos from it.

Would you be able to further provide troubleshooting steps for this issue?

Kind regards.


There is 1 best solution below


I had a similar issue recently during the vCenter and Duo integration for both the Server and the OAuth App. I installed and configured Duo as a first step, following the similar TAM video.

The next step I did was to enable IdP-initiated sign-on by running this command:

Set-AdfsProperties -EnableIdPInitiatedSignonPage $true

Then configure the Server Application SSO from the same TAM instruction video.

Then carry on configuring the OAuth Application for PowerCLI.
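
One way to check the setting from the answer and collect the AD FS state around the MSIS7065 error, as an added example that is not part of the original question or answer. It assumes an elevated PowerShell session on the AD FS server and that errors are written to the default "AD FS/Admin" event log; the host name in the comment is a placeholder.

```powershell
#Requires -RunAsAdministrator
# Added troubleshooting sketch: run on the AD FS server itself.
Import-Module ADFS

# 1. Current state of the property the answer changes; enable it if it is off.
$props = Get-AdfsProperties
Write-Host "EnableIdPInitiatedSignonPage = $($props.EnableIdPInitiatedSignonPage)"
if (-not $props.EnableIdPInitiatedSignonPage) {
    Set-AdfsProperties -EnableIdPInitiatedSignonPage $true
    Write-Host 'IdP-initiated sign-on page enabled.'
    # The page is then served at https://<adfs-host>/adfs/ls/idpinitiatedsignon.aspx
    # and can be used to test the Duo prompt without vSphere in the loop.
}

# 2. Confirm the OAuth endpoints named in the error are registered and enabled.
Get-AdfsEndpoint |
    Where-Object { $_.AddressPath -like '/adfs/oauth2*' } |
    Format-Table AddressPath, Enabled, Proxy, Protocol -AutoSize

# 3. List the registered authentication providers and the ones selected
#    as additional (MFA) providers; the Duo adapter should appear in both.
Get-AdfsAuthenticationProvider | Select-Object Name | Format-Table -AutoSize
$mfa = (Get-AdfsGlobalAuthenticationPolicy).AdditionalAuthenticationProvider
Write-Host "Additional authentication providers: $($mfa -join ', ')"

# 4. Pull the most recent MSIS7065 events so the failing request URL and
#    timestamp can be matched against the Duo redirect back to AD FS.
Get-WinEvent -LogName 'AD FS/Admin' -MaxEvents 500 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'MSIS7065' } |
    Select-Object -First 5 TimeCreated, Id, Message |
    Format-List
```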