From time to time Passly customers need to remove their agents from deployed machines. This guide will walk you through disabling the agents. There are two main deployed agents for Passly.
- Windows Logon Agents - This agent enforces 2FA on the Windows logins directly via an installed agent. These agents could have been installed on Windows Server 2012 - 2022 or Windows 8 - Windows 11.
- RADIUS - These agents could be installed on Windows Server 2012 - 2022 and was most likely used for a VPN passthrough to enforce 2FA on the VPN client connections.
Windows Logon Agent
The agent would have been deployed following this guide.
If you are locked out of a Windows this guide will walk you through the emergency access process.
Note: This agent does not appear in the Programs & Features section of Windows. You will need to download the installer or use the installer that was downloaded to the machine directly.
Removal steps
- Download the agent from Auth Manager > Agents > specific agent or via this link.
- Run the MSI and select Next when prompted.
- Select Remove.
- If prompted by UAC (Universal Account Controls) select Yes to continue.
- Select Finish to remove the agent.
Note: If the Server/PC/Laptop has a pending reboot triggered for Windows updates this might cause the machine to reboot unexpectedly.
RADIUS
RADIUS would have been deployed via this guide.
RADIUS has two parts, the agent installed and an appliance configuration.
- Passly RADIUS Server/agent - This can be removed from Programs & Features on the installed server by an appropriate Local or Domain Administrator account.
- RADIUS Enabled Appliance - You will need to consult your OEM (Original equipment Manufacturer) for their specific steps. You should find a RADIUS section, pending on the OEM it might a simple on/off toggle.