Adding Passly 2FA to Virtual System Administrator (VSA) - 9.1 or Later

When you access the Passly Module for the first time in VSA - newer you will notice a configuration wizard. This configuration wizard will allow you to configure the Passly integration built into VSA.

Note: This integration requires a working Passly tenant. If you are not a current Passly subscriber, please contact your Account Manager.

 

  1. Log into Virtual System Administrator.
    _name_2fa6.PNG
  2.  Select the AuthAnvil Module > Configure AuthAnvil Settings
    _name_2fa.PNG
  3. Select - I would like to configure Two Factor Auth Only._name_2favrpws.png
  4. Select Begin.
    Next Enter the SAS URL for your Passly Server._name_2fa2.PNG
    Note: Your SAS URL will be https://(Your company).my.passly.com/AuthAnvil/SAS.asmx
    : Site ID is always 1
  5. Define a Whitelisted User that will not require Two Factor Authentication._name_2fa2.PNG
  6. Select Verify Settings.
    _name_2favrpws3.png
  7. Once you see the settings are valid select Next.
  8. Now that you have the logon protection configured you can select Finish to apply the settings._name_2fa5.PNG

You should now see the same login prompt when a user is required to use 2FA logs in.


2fa6.PNG

Note: You will not see the 2FA prompt until after you enter your password and select Log On.

Note: This requires a login from a user not in the White list.


_name_logonprompt.PNG
Note For R9.1 - older: Users will need to enter a four-digit pin here as well as the One Time Password.
For the Pin, your users will use Pin: 1111
The actual Pin requirement was a holdover from the old On-Prem configuration. On-Demand does not use the Pin, however, it respects the value being submitted.
Note: If you are using R9.4 - newer only the OTP is required.
Note: As of R9.5 if you enter your Passly password in the OTP prompt it will send a PUSH notice to your mobile Authenticator to approve.

 

Configuration

Once logged in you can manage your user & IP white lists via AuthAnvil Module >Two Factor Auth > Configure Kaseya Logon

_name_2fa7.PNG

In the AuthAnvil Module, you can choose to enable the Two Factor login requirement.

Whitelisted users should be entered in the following format. Comma-separated with no spaces

fred,john,james to domain.com/fred,domain.com/john,domain.com/james

 

IP's can be entered as comma-separated with no spaces. IPs will need to be entered using CIDR format.

Example192.168.1.1/32,10.10.1.1/32

 

Select Save Settings before logging out.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us