Note: This integration does not support the use of Push. You will need to use OTP.
When you access the AuthAnvil Module for the first time in Virtual System Administrator R9.1 - newer you will notice a configuration wizard. This configuration wizard will allow you to configure the AuthAnvil integration built into VSA R9.1
Note: This integration requires a working AuthAnvil tenant. If you are not a current AuthAnvil subscriber please contact IAM.email@example.com for more information about signing up.
- Log into Virtual System Administrator R9.1
- Select the AuthAnvil Module > Configure AuthAnvil Settings
- Select - I would like to configure Two Factor Auth Only.
- Select Begin.
Note: See this article if you would like to add both the Logon protection and the Password Server integration.
- Next Enter the SAS URL for your AuthAnvil Server.
Note: Your SAS URL will be https://(Your company).my.authanvil.com/AuthAnvil/SAS.asmx
- Define a White listed User that will not require Two Factor Authentication.
- Select Verify Settings.
- Once you see the settings are valid select Next.
- Now that you have the logon protection configured you can select Finish to apply the settings.
You should now see the same logon prompt when a user that is required to use 2FA logs in.
Note: You will not see the MFA prompt until after you enter your password and select Log On.
Note: This requires a login from a user not in the White list.
Note: Users will need to enter a four digit pin here as well as the One Time Password.
For the Pin your users will use Pin: 1111
The actual Pin requirement was a hold over from the old On-Prem configuration. On-Demand does not use the Pin, however it respects the value being submitted.
Note: If you are using R9.4 - newer only the OTP is required.
Once logged in you can manage your user & IP white lists via AuthAnvil Module >Two Factor Auth > Configure Kaseya Logon.
In the AuthAnvil Module you can choose to enable the Two Factor logon requirement.
White listed users should be entered in the following format. Comma separated with no spaces
fred,john,james to domain.com/fred,domain.com/john,domain.com/james
IP's can be entered as comma separated with no spaces. IP's will need be entered using CIDR format.
Select Save Settings before logging out.