AuthAnvil On-Premises (AAoP) product developed by Scorpion Software and later acquired by Kaseya, now part of the ID Agent team.
This was an On-Premises Windows Server / IIS hosted application that provided 2FA/SSO/Password management subscription based service.
Passly is a parallel service to AuthAnvil and was developed in the Cloud using Azure by the ID Agent team.
Migration
How can I migrate from AuthAnvil On-Premises, we have created the following articles to help you migrate.
- Migrating from an AuthAnvil On-Premises to Passly - https://helpdesk.kaseya.com/hc/en-gb/articles/4407400726545
- Migrating AAOP Password Server to Passly - https://helpdesk.kaseya.com/hc/en-gb/articles/4407410732305
We also have a collection of knowledge base articles for Passly for some of the common functions you used in AuthAnvil. You will also find In-application videos in Passly to help with many of the common features, check in the "?" once logged in.
Users
- How do I add a user? - https://helpdesk.kaseya.com/hc/en-gb/articles/4407400832017
- Enabling Directory Synchronization - https://helpdesk.kaseya.com/hc/en-gb/articles/4407400833425
- Added Users, Now What? - https://helpdesk.kaseya.com/hc/en-gb/articles/4407400801681
- If you or a user did not receive your enrolment email for Passly please check this KB https://helpdesk.kaseya.com/hc/en-gb/articles/4407400723345
Replacing Grouped Users
Passly does not use "Grouped" user accounts like AAoP had. We have split this functionality between Alternate Principal Names (aliases) & Just in Time 2FA (shared user account).
Alternate Principal Name
- Creating an Alternative Principal Name (APN) - https://helpdesk.kaseya.com/hc/en-gb/articles/4407393209361
- Creating an Alternative Principal Name (APN) for Synchronized User Accounts - https://helpdesk.kaseya.com/hc/en-gb/articles/4407400813841
Just in Time 2FA
• How can we use Just in Time 2FA - https://helpdesk.kaseya.com/hc/en-gb/articles/4407400811153
Multitenancy
Passly is natively multi-tenant, if you are an MSP you may have this function enabled by contacting your Account Management team.
- Adding a child organization in Passly - https://helpdesk.kaseya.com/hc/en-gb/articles/4414539744785
- Integrated Cloud based Password Server
- All knowledge based articles related can be found via https://helpdesk.kaseya.com/hc/en-gb/sections/4406091597329
- Passly Integrated Cloud Password Server - https://helpdesk.kaseya.com/hc/en-gb/articles/4407416923537
Integrated Cloud based Password Server
- All knowledge based articles related can be found via https://helpdesk.kaseya.com/hc/en-gb/sections/4406091597329
- Passly Integrated Cloud Password Server - https://helpdesk.kaseya.com/hc/en-gb/articles/4407416923537
Windows Logon agent
This agent supports Push.
This agent requires the machine to have a 64 bit OS.
This agent can be deployed from within VSA using added agent procedures.
- Deploying a Windows Logon Agent - https://helpdesk.kaseya.com/hc/en-gb/articles/4407396797585
- Windows Logon Agent Bulk Deployment - https://helpdesk.kaseya.com/hc/en-gb/articles/4407395793169
VSA
- Adding 2FA to Virtual System Administrator (VSA) ver. R9.1 – Newer - https://helpdesk.kaseya.com/hc/en-gb/articles/4407412690321
- Adding the Virtual System Administrator (VSA) for Single Sign On - https://helpdesk.kaseya.com/hc/en-gb/articles/4407399173521
- How can I remove 2FA logon protection from Virtual System Administrator - https://helpdesk.kaseya.com/hc/en-gb/articles/4407413233553
- Adding Virtual System Administrator (VSA) SAML app fails when using Domain Watch - https://helpdesk.kaseya.com/hc/en-gb/articles/4407406483473
- How to make a Custom Alternate Principal Name for SSO to Kaseya VSA - https://helpdesk.kaseya.com/hc/en-gb/articles/4407405559697
BMS/Vorex
- Adding Business Management System (BMS) / Vorex - https://helpdesk.kaseya.com/hc/en-gb/articles/4407399151889
IT Glue
- Adding IT Glue - https://helpdesk.kaseya.com/hc/en-gb/articles/4407399072529
Traverse
- Adding Traverse - https://helpdesk.kaseya.com/hc/en-gb/articles/4407408394513
Darkweb ID
• Adding OpenID Connect for DarkWeb ID - https://helpdesk.kaseya.com/hc/en-gb/articles/4407395835409
Third Party Integrations
- Adding MFA to Continuum - https://helpdesk.kaseya.com/hc/en-gb/articles/4407395523345
- How to Protect Solarwinds NCentral with Passly - https://helpdesk.kaseya.com/hc/en-gb/articles/360034414832
- Adding MFA to AutoTask - https://helpdesk.kaseya.com/hc/en-gb/articles/4407395373457
Third Party Password Management
- Passportal 2FA - https://passportal.atlassian.net/wiki/spaces/PKB/pages/5210423/Settings+-+Two-Factor+Authentication+2FA
- Thycotic Secret Server RADIUS setup - https://thycotic.force.com/support/s/article/Enabling-RADIUS-Two-Factor-Authentication
Connectwise Manage
- How to Protect Connectwise with Passly - https://helpdesk.kaseya.com/hc/en-gb/articles/4407412945681
Connectwise Control
- SAML single sign-on - https://docs.connectwise.com/ConnectWise_Control_Documentation/Get_started/Administration_page/Security_page/User_sources/SAML_single_sign-on
Office 365
- How can I use Passly with Office 365 - https://helpdesk.kaseya.com/hc/en-gb/articles/4407393142033
- Working with Service accounts and Office 365 - https://helpdesk.kaseya.com/hc/en-gb/articles/4407398496529
The process would look something like this for a new domain being federated.
- Add users in Passly with either a UPN in the form of email address (matching O365 domain) or with the first part of the email address as the UPN and the domain added as a principal name suffix on the organization.
Note: If you Passly DirSync for your user syncing from Active directory you will need a principal name suffix entered on the organization or thick clients will fail. - Create all the service accounts in Passly with UPN matching the email address. Set the Passly password to be the same as the current Office 365 Password.
- Create inclusion and exclusion security groups, add all the service accounts to the exclusion group.
- Create a specific policy for the Office 365 SAML App.
- Ensure all users added in Step 1 are in active status and the users have completed provisioning.
- Begin federation of the O365 domain.
• How can I use Passly with Office 365 - https://helpdesk.kaseya.com/hc/en-gb/articles/4407393142033
• Adding Office 365
• Working with Service accounts and Office 365 - https://helpdesk.kaseya.com/hc/en-gb/articles/4407398496529 - Test access in after 15 minutes, all federation provisioning should complete with 72 hours.
Working with Single Sign On
- Setting Up SSO Applications - https://support.idagent.com/hc/en-us/articles/360007368598
RADIUS
- How Should I setup RADIUS? - https://helpdesk.kaseya.com/hc/en-gb/articles/4407396543377
- Adding an Passly RADIUS server - https://helpdesk.kaseya.com/hc/en-gb/articles/4407403727505
- Testing RADIUS Communication - https://helpdesk.kaseya.com/hc/en-gb/articles/4407394962833