When you access the Passly Module for the first time in VSA - newer you will notice a configuration wizard. This configuration wizard will allow you to configure the Passly integration built into VSA.
Note: This integration requires a working Passly tenant. If you are not a current Passly subscriber, please contact your Account Manager.
- Log into Virtual System Administrator.
- Select the AuthAnvil Module > Configure AuthAnvil Settings
- Select - I would like to configure Two Factor Auth Only.
- Select Begin.
Next Enter the SAS URL for your Passly Server.
Note: Your SAS URL will be https://(Your company).my.passly.com/AuthAnvil/SAS.asmx
: Site ID is always 1
- Define a Whitelisted User that will not require Two Factor Authentication.
- Select Verify Settings.
- Once you see the settings are valid select Next.
- Now that you have the logon protection configured you can select Finish to apply the settings.
You should now see the same login prompt when a user is required to use 2FA logs in.
Note: You will not see the 2FA prompt until after you enter your password and select Log On.
Note: This requires a login from a user not in the White list.
Note For R9.1 - older: Users will need to enter a four-digit pin here as well as the One Time Password.
For the Pin, your users will use Pin: 1111
The actual Pin requirement was a holdover from the old On-Prem configuration. On-Demand does not use the Pin, however, it respects the value being submitted.
Note: If you are using R9.4 - newer only the OTP is required.
Note: As of R9.5 if you enter your Passly password in the OTP prompt it will send a PUSH notice to your mobile Authenticator to approve.
Once logged in you can manage your user & IP white lists via AuthAnvil Module >Two Factor Auth > Configure Kaseya Logon.
In the AuthAnvil Module, you can choose to enable the Two Factor login requirement.
Whitelisted users should be entered in the following format. Comma-separated with no spaces
fred,john,james to domain.com/fred,domain.com/john,domain.com/james
IP's can be entered as comma-separated with no spaces. IPs will need to be entered using CIDR format.
Select Save Settings before logging out.