If the ADUS URL (https://(Your AuthAnvil Domain)/AuthAnvil/ADUS/ADUS.asmx) is reachable from the ADUS server then the first thing to check is the Active Directory entry.
When you check the ADUS server Event Viewer / Windows Logs / Application - You may see ADUS entries like the following;
DEBUG INFO Completed Update Sync. GetListOfUsers() information: One or more users in the security group AuthAnvilSoftTokenUsers were not included due to empty account information field(s).
This Event viewer entry indicates missing information in the AD user preventing ADUS from adding it to 2FA.
We need to make sure the following information is complete in Active Directory for each user affected.
- First Name
- Last Name
- Email address
- Account name
User is a member of the correct AD Security Group to be added to 2FA. The group by default is AuthAnvilSoftTokenUsers or AuthAnvilHardTokenUsers.
Note: ADUS does not support the use of special characters in the OU. Example OU: Acme Technology [AcmeTech]
AuthAnvil Two Factor Auth v5.5 servers
If you are using 2FA v5.5 you will need to hot fix the AuthAnvil Server.
- Apply this hot fix https://helpdesk.kaseya.com/entries/88302958
- Once this above hot fix is applied download the AuthAnvil.dll attached to this article and use it to replace the one in the following locations.
C:\Program Files\Scorpion Software\AuthAnvil\AuthAnvilSAS\bin
C:\Program Files\Scorpion Software\AuthAnvil\AuthAnvilSAS\ADUS\bin
C:\Program Files\Scorpion Software\AuthAnvil\AuthAnvilSAS\Admin\Bin
C:\Program Files\Scorpion Software\AuthAnvil\AuthAnvilSAS\Manager\bin
C:\Program Files\Scorpion Software\AuthAnvil\AuthAnvilSAS\SelfService\bin
C:\Program Files\Scorpion Software\AuthAnvil\AuthAnvilSAS\Provisioning\bin
- Reset IIS on the AuthAnvil server.
Check for the next ADUS check in to occur. Users should now be added.