Issue
When an Active Directory user logs in to Kaseya the login screen will display an error "Invalid AuthAnvil passcode". This occurs after the user is authenticated against the Domain Controller.
Cause
During the upgrade from Kaseya 6.2 - 6.3 Kaseya updated how they handle Domain integration. This caused the 2FA authentication to fail.
Resolution
Note: Before proceeding back up both C:\Kaseya\WebPages\AuthAnvil\inc\authanvil.asp & C:\Kaseya\WebPages\access\logon.asp.
Step 1. Using an Elevated Notepad (Run as Administrator) on the Kaseya server open C:\Kaseya\WebPages\AuthAnvil\inc\authanvil.asp
Replace:
var passcode = new String(Request.form("passcode")); // Get the passcode from the form
if(passcode == "undefined" ) passcode = "";
With:
var passcode = new String(Request.form("passcode")); // Get the passcode from the form
if(passcode == "undefined" ) passcode = new String(Session("passcode"));
Session.Contents.Remove("passcode");
Step 2. Save the file in it's current location.
Step 3. Using an Elevated Notepad (Run as Administrator) on the Kaseya server open C:\Kaseya\WebPages\access\logon.asp
Note: VSA may have already updated their logon.asp file to reflect the new code. If so, do not make any updates.
Replace:
<%
} else if (Number(loginState) == 2) { // resubmit form with the password so it can be checked with the domain controller
%>
With:
<%
} else if (Number(loginState) == 2) { // resubmit form with the password so it can be checked with the domain controller
Session("passcode") = new String(getFormStr("passcode"));
%>
Step 4. Save the file in it's current location.
Affects
Kaseya 6.3 with AuthAnvil 2FA protection installed
Questions?
If you have any questions or need some help, we would be happy to assist. Open a case at help.scorpionsoft.com or send an email to support@scorpionsoft.com.