How does the AuthAnvil Override Group Work?

By default the Windows Logon Agent enforces strong authentication on all accounts. This means that every account that is presented with a Windows Logon dialog box on systems where the AuthAnvil Windows Logon Agent is installed must present their AuthAnvil passcode along with their Windows logon credentials.

There may be times when this isn't desirable for all accounts. In such a case, it is possible to assign a user to a Local or Active Directory Security Group which our agent will honor. If someone is a member of that group, they will not be required to enter their AuthAnvil passcode. They can leave that field blank.

Note: For security reasons, the AuthAnvil Override Group does not support nested groups. Any users who are members of groups that are members of the "AuthAnvil Override Group" will not be allowed to log on without a token.   

During installation the AuthAnvil Override Group is defined by the by the person running the installer. It is the responsibility of the Local or Domain administrator to create this Security Group and assign users as required by their corporate security policy if you wish to use this feature.

You can set the AuthAnvil Override Group after installation by opening up the AuthAnvil Logon Config control panel in Control Panel, and selecting the SBS Remote Web Workplace Users group from the Override Group drop-down box and clicking "Apply".



If you have any questions or need some help, we would be happy to assist. Open a case at or send an email to

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section