Question
How can we migrate our legacy AuthAnvil On-Premises Password Server into the Passly integrated cloud Password Server?
Answer
The Integrated Password Server has a migration tool built directly into the tenant.
Note: The Notes from the AAOP Password Server will not be gathered by the export. These will need to be manually migrated on a per password record basis. Performing a full export from AAOP Password Server should export the notes in clear text.
Migration
There are some differences between the two products.
User access controls
You will want to create a Passly security group in your tenant for each Role that you use in AAoP Password Server. See this guide for setting up Groups.
Note: Users will need to log out and log in before they see any new Vaults once added to the group(s).
Password Policies.
If you have created any unique AAOP Password Server policies those policies will need to be manually created by following these steps.
Note: Failure to create custom Password Policies might cause the import to create an excessive number of polices.
- Log into to your Passly tenant https://(companyname).my.passly.com
- Select Password Server,
- Select Password Policy.
- Select +New.
- Customise the policy to match your existing AAOP policy.
- Select Save Changes to commit the policy for use.
Migrating the actual Passwords
- Log into to your Passly tenant https://(companyname).my.passly.com
- Select Password Server,
- Select Import.
- Select Migrate On-Premises Server.
- Download the Migrator tool.
- Copy the VaultMigrator.zip to the AuthAnvil On-Premises Server.
- Decompress VaultMigrator.zip on the local drive.
Note: Using a network share or LANCACHE will not allow the import to complete. - Run VaultMigrator.exe
Note: We recommend that elevate the command when this is run (Run as Administrator).
Note: Database name should be AuthAnvilPasswordServer.
Note: If you installed AAOP using a default installation this would normally have used Windows Authentication. If you were not the original installation admin you might need to review your SQL user access groups.
Note: SQL Server\Instance. If you have installed AAOP 2FA/Auth Manager then check the web.config located in C:\Program Files\Scorpion Software\AuthAnvil\AuthAnvilSAS on Line 27 you should see something like <add key="DBServer" value="dbserver.\authanvil" />.
Note: The AAOP Password Server web.config can be located in C:\Program Files\Scorpion Software\AuthAnvil Password Server\AAPS
Note: It is optional to include personal Vaults, they are not required for the migration - Once you have entered the above select Start Migration.
- Migrator tool will export to \\VaultMigrator\zip\
- In Passly > Password Server select Next.
- Drag the compressed folder into the field.
- Select Next to import the selected file.
- Enter the Secret Key from the tool on the AAOP server.
- Select Next,
- Select the Initial Admin group.
- Select Migrate Passwords.
- The process will complete in the background from here.