In order to bypass the Windows Logon Agent login when it is not communicating with the AuthAnvil server you have several options:
- Use the Global Override Password in place of an AuthAnvil Passcode If two-factor authentication is not allowing you through, your easiest bypass is to use the Global Override Password that was created during the installation of the agent. This password should be stored securely for access in these types of situations.Are you using an AuthAnvil RMM component to push out the AuthAnvil agents? You may already have a script that can run on the client machines to change the Override Password. You can also download the Override Password Utility tool from http://www.scorpionsoft.com/downloads/2fa under "Maintenance Tools".
- Log in as a member of the Override Group. Every agent has the name of an override group configured. If you do not have access to an account that is a member of this group, log in to your domain controller and simply add your user as a member of this group and you can log in without providing your 2FA credentials. Note: If the machine where you are trying to login is not joined to a domain, it will use the local machine user groups.
- Access remote registry and modify the agent configuration. Open up "regedit" and select File -> Connect Network Registry. Depending on your security settings, this should allow you to connect to the machine where the agent is installed and modify the registry manually. Look for HKLM\SOFTWARE\Scorpion Software\AuthAnvilLogon and you will see the AuthAnvilOverride value. Change this to reflect a group name that your user is a part of, and you will be able to log in to this agent without providing a 2FA credential.Note: You can also disable the 2FA agent completely by deleting the registry value in Step 4:
- Emergency Uninstall / Disable Procedure. There is a single registry key that allows the Windows Logon Agent to be loaded on the login screen. If you remove this key then the agent will not load. For Server 2008 / Win Vista and newer, this change will apply immediately. Older OS environments will have to be restarted for the change to apply. Follow the instructions in the documentation under "Appendix A - Emergency Uninstall": http://www.scorpionsoft.com/docs/authanvil/winlogon Since this is a registry value, you have the option of accessing the registry remotely, or you can restart the server into Safe Mode Without Networking so that the agent is disabled by default.
If you have any questions or need some help, we would be happy to assist. Open a case atkaseya.zendesk.com.