How to Migrate from AuthAnvil On-Premise to Passly

AuthAnvil On-Premises (AAoP) product developed by Scorpion Software and later acquired by Kaseya, now part of the ID Agent team.
This was an On-Premises Windows Server / IIS hosted application that provided 2FA/SSO/Password management subscription based service.
 

Passly is a parallel service to AuthAnvil and was developed in the Cloud using Azure by the ID Agent team. 

Migration

How can I migrate from AuthAnvil On-Premises, we have created the following articles to help you migrate. 

We also have a collection of knowledge base articles for Passly for some of the common functions you used in AuthAnvil. You will also find In-application videos in Passly to help with many of the common features, check in the "?" once logged in. 
Users
Replacing Grouped Users
Passly does not use "Grouped" user accounts like AAoP had. We have split this functionality between Alternate Principal Names (aliases) & Just in Time 2FA (shared user account).
Alternate Principal Name
Just in Time 2FA
• How can we use Just in Time 2FA - https://helpdesk.kaseya.com/hc/en-gb/articles/4407400811153 
Multitenancy
Passly is natively multi-tenant, if you are an MSP you may have this function enabled by contacting your Account Management team.

Integrated Cloud based Password Server

Windows Logon agent

This agent supports Push.

This agent requires the machine to have a 64 bit OS.

This agent can be deployed from within VSA using added agent procedures. 
VSA
BMS/Vorex
IT Glue
Traverse
Darkweb ID
• Adding OpenID Connect for DarkWeb ID - https://helpdesk.kaseya.com/hc/en-gb/articles/4407395835409 
Third Party Integrations
Third Party Password Management
Connectwise Manage
Connectwise Control
Office 365
The process would look something like this for a new domain being federated.
  1. Add users in Passly with either a UPN in the form of email address (matching O365 domain) or with the first part of the email address as the UPN and the domain added as a principal name suffix on the organization.
    Note: If you Passly DirSync for your user syncing from Active directory you will need a principal name suffix entered on the organization or thick clients will fail.
  2. Create all the service accounts in Passly with UPN matching the email address. Set the Passly password to be the same as the current Office 365 Password.
  3. Create inclusion and exclusion security groups, add all the service accounts to the exclusion group.
  4. Create a specific policy for the Office 365 SAML App.
  5. Ensure all users added in Step 1 are in active status and the users have completed provisioning.
  6. Begin federation of the O365 domain.
    • How can I use Passly with Office 365 - https://helpdesk.kaseya.com/hc/en-gb/articles/4407393142033
    • Adding Office 365 - https://helpdesk.kaseya.com/hc/en-gb/articles/4407404915473
    • Working with Service accounts and Office 365 - https://helpdesk.kaseya.com/hc/en-gb/articles/4407398496529
  7. Test access in after 15 minutes, all federation provisioning should complete with 72 hours.
Working with Single Sign On
RADIUS
Other helpful articles

 

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us