Follow

Upgrading your AuthAnvil Two Factor Auth installation from v4.0 to v4.1 (Legacy)

Simply follow the steps below to make sure your authentication server is properly upgraded to the latest version of AuthAnvil.

Step 1 – Backup your existing data by creating a backup (bup) file.

  1. Open a command window and navigate to the C:Program FilesScorpion SoftwareAuthAnvilAuthAnvilTools directory.
  2. To run the backup, run the command aabackup.exe followed by the SQL instance name.
    i.e. aabackup.exe SBS2008AUTHANVIL
  3. Your bup file is created and saved in the same directory. If the backup is successful, the tool will complete silently. If you receive an error, confirm the SQL instance name, and that your user account has privileges to access the database and run the backup again.
  4. Confirm that your file is valid by ensuring that it is well-formed XML. Move it to a secure location for later restoration.

Step 2 – Upgrade AuthAnvil Strong Authentication Server

  1. Download the AuthAnvil 4.0 to 4.1 update kit from here.
  2. Unzip it and run the UpgradeAuthAnvil.bat file inside the folder. NOTE: Make sure to run this batch file from an elevated command prompt.
  3. The updater will go through, back up your existing files, then deploy the new ones.
  4. Once the upgrade has completed successfully and has been tested, you can remove the backup files.

NOTE: This method supports upgrades from AuthAnvil 4.0 to 4.1 only. For instructions on upgrading from AuthAnvil 3.5 or earlier, please refer to the appropriate upgrade guide. The AuthAnvil 4 installer will deploy the AuthAnvil 4.1 files for all new installs and upgrades.

Step 3 – Test upgraded AuthAnvil install

With all the previous configuration settings now restored, your installation SHOULD be back and fully working.

To test that this is true for AuthAnvil, follow these steps:

  1. Using an AuthAnvil account that is a site admin, log in to the AuthAnvil Manager using your AuthAnvil credential. The AnvilManager should display the version 4.1.0.15.
  2. Click the Users tab, click a user name, then click Token Information and then Test Token. Follow the on screen instructions and ensure you can successfully authenticate that token.

Once AuthAnvil is fully tested to be working, you can turn to upgrade all your AuthAnvil agents.

NOTE: If you are running Kaseya or another RMM tool to manage AuthAnvil agents, you may need to update the MSI kit used for deployment. This file is available on the Customer Portal under “Tools”.

Step 4 – Backup your new AuthAnvil configuration and settings

You are almost done! Actually… you are. All that is left is to back up your newly configured AuthAnvil system settings.

  • Open a command window and go to C:Program FilesScorpion SoftwareAuthAnvilAuthAnvilTools
  • To run the backup, run the command aabackup.exe followed by the SQL instance name.i.e. aabackup.exe SBS2008AUTHANVIL
  • Your bup file is created and saved in the same directory. If the backup is successful, the tool will complete silently. If you receive an error, confirm the SQL instance name, and that your user account has privileges to access the database and run the backup again.

Why backing up your AuthAnvil configuration data is important

Besides the traditional answer of data diligencefor recovery operations, there is a very practical reason for doing so.The original token import file that you are emailed includes token information at the time that they were programmed. Once a token has been used for a period of time, it has the potential to be “out of sync” with the server if you re-import the token information at a later date from the original file. The solution is to manually resync the token after re-import, which can be tedious if you are managing a lot of tokens and have to manually resync each one. A better solution would be to simply restore the most recent AuthAnvil BUP, which will include the most recent keys used during the last successful authentication challenge.

Automating the backup of AuthAnvil configuration data and audit logs

Using a tasked schedule, you can configure it to routinely backup the data and make it available to your normal server backup sets. We have a tool available to help you do that. For more information, check out this blog post.

At this point, the scheduled task will be creating a *.bup file in the base directory of where aabackup.exe resides. You should configure your backup software to include that folder in the nightly backup set, to ensure you properly back it up.

NOTE: A BUP file stores all AuthAnvil configuration and audit data, and should be properly secured. You may wish to copy the aabackup.exe file to a secure location and further tighten NTFS ACLs so permissions will only allow the backup account privileges to read and access the .bup files created, along with the administrative account which needs to execute the aabackup tool. All other access should be explicitly denied.

You will also want to remember to routinely purge the .bup files out of that directory. Over time, this could fill up your hard drive, especially if you have a lot of audit log items being recorded.

 

Questions?

If you have any questions or need some help, we would be happy to assist. Open a case at help.scorpionsoft.com or send an email to support@scorpionsoft.com.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk