Configure Kaseya Logon

Passly (AuthAnvil) > Two Factor Auth > Configure Kaseya Logon

The Configure Kaseya Logon pages enables or disables two factor authentication (2FA) for users logging into the VSA. You can optionally limit VSA logons to those initiated from whitelisted IP addresses. Once configured, you view a log of 2FA Kaseya logons on the View Logons to Kaseya page.

Note: See Enabling Two Factor Authentication for VSA Logons.

Kaseya Two Factor Auth Settings

• AuthAnvil SAS URL - The Two Factor Authentication server you are integrating with the VSA.
• Site ID - Accept the default value of 1. A different site ID number is only required if the Two Factor Authentication website your are integrating with is operating in multi-tenant mode.
• Whitelist Users - Optionally enter the usernames of one or more VSA users, delimited by commas. These users will be required or excluded from using 2FA logons, depending on the option you set in the Whitelisted User Configuration.
• Whitelisted IPs - Optionally include a range of IP addresses that VSA users must initiate a browser session from to log into the VSA. Delimit IP ranges by commas.
• Whitelisted User Configuration - Select how the Whitelist Users field is interpreted.
  • Required Two Factor Auth for All users except those in the whitelist
  • Required Two Factor Auth only for users in the whitelist
• Kaseya Logon Configuration - Uncheck the Disable the Two Factor Auth during Kaseya server logons. This means all VSA users must logon using AuthAnvil 2FA except your whitelisted users and whitelist IP addresses. Users will continue to be subject to Native Two Factor requirement(s), when applicable. Delimit VSA usernames with commas.

Kaseya Single Sign On Configuration

You can also use this page to add a logon app for the VSA itself. The app is then added to each VSA user's Single Sign On menu. This means the Single Single On menu provides immediate, secure access to the VSA as well as all other resources VSA users require to perform their daily tasks.

Note: See Using Single Sign On to Logon to the VSA.

• Single Sign On - If checked, enables the VSA to accept logons initiated by clicking a Kaseya app displayed on a user's Single Sign On menu.
• Reply To URL - The URL the VSA uses to accept Single Sign On requests. Example: http://<YourKaseyaServerName>/vsapres/web20/core/ssologin.aspx
• Certificate Information - The certificate the VSA uses to certify the identity of the Single Sign On server. Download the certificate from the Two Factor Authentication Manager > Single Sign On > Applications > Kaseya Logon > Certificate Authority page.

  Note: The Kaseya Logon application must already be added as an SSO application in Two Factor Authentication before you can download its public certificate (*.cer) and upload it into the VSA here.

• Certificate Expiry - The certificate's expiration date.
• Select Certificate - Selects a certificate to import into the VSA.