How to log into Windows machines using a Windows Logon Agent

Passly supports the use of the Windows Logon agent to enforce 2FA on Windows Logons. The Agent can be deployed to either Stand-alone or Domain joined Windows Servers / Laptop / Desktops / Workstations.

 

Passly User Accounts

In order to use this functionality the Passly username or alternate username must be an exact match in both Windows and Passly. 

Example:

  • Windows Username: Redpanda\Administrator
  • Passly username: Administrator

Note: Windows Logon agent authentication only validates the username portion and not the domain for 2FA enforcement. 

See these guides for help with Passly user accounts.

Domain Joined machine logins

When logging into a Domain joined machine, Domain users are expected to enter their Domain username & password before they will be prompted for 2FA. This agent can also support a login using an override password. The Windows Username/Password is verified with Windows before Passly engages.

Windows Domain user example

  • Domain username: administrator
  • Domain Password: password
  • Domain: redpanda

mceclip0.png

 

Stand-Alone Windows machine logins

When logging into a Stand-alone Windows machine, Users are expected to enter their Windows username & password before they will be prompted for 2FA. This agent can also support a login using an override password. The Windows Username/Password is verified with Windows before Passly engages.

Standalone Windows User Example

  • Local Windows username: administrator
  • Local Windows password: password
  • Local Windows Name: Test

mceclip1.png

 

Additional Resources

 

 

 

 

 

 

 

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section