Ask the Community
Groups
Adding the Virtual System Administrator (VSA) for Single Sign On - Connect IT Community | Kaseya
<main> <article class="userContent"> <p>To add the Virtual System Administrator (VSA) application from the Single Sign On catalogue follow these steps.</p> <p>Log into yourPassly tenant </p> <ol><li>Select <strong>Directory Manager</strong>.</li> <li>Select <strong>Groups</strong>.<br>Select the plus sign in the bottom right corner.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/EW2S6XCYTCJ1/blue-png.png" alt="blue.PNG" class="embedImage-img importedEmbed-img"></img><br>Name the Group <strong>VSA Users</strong>.<br>Select <strong>ADD GROUP</strong>.</li> <li>Select <strong>SSO Manager</strong>.</li> <li>Select the plus sign in the bottom right corner.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/EW2S6XCYTCJ1/blue-png.png" alt="blue.PNG" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Kaseya <img src="https://us.v-cdn.net/6032361/uploads/migrated/057OJJNT51I0/mceclip0.png" alt="mceclip0.png" class="embedImage-img importedEmbed-img"></img><br></strong> </li> <li>This will allow you to begin to configure the Application.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/5ZOWEW133IJC/mceclip1.png" alt="mceclip1.png" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Application is Enabled<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/5JTV1166LGR5/mceclip2.png" alt="mceclip2.png" class="embedImage-img importedEmbed-img"></img><br></strong> </li> <li>Select <strong>Protocol Setup<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/DER33PTRZ0CP/4-png.png" alt="" class="embedImage-img importedEmbed-img"></img><img src="https://us.v-cdn.net/6032361/uploads/migrated/SIRE3QCFNJG5/mceclip3.png" alt="mceclip3.png" class="embedImage-img importedEmbed-img"></img><br>Note: </strong>You will need to update the following to reflect your public Kaseya web address.<br>If your VSA server supports an HTTPS connection, please enter the the URLs reflect that to ensure there is secure communication and encryption in place.<br>Assertion Consumer Service URL<br>Service Entity ID (Issuer) </li> <li>Select<strong> Attribute Transformation.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/Q4RYDESRBOYU/mceclip4.png" alt="mceclip4.png" class="embedImage-img importedEmbed-img"></img><br></strong> </li> <li>Select remove on the existing attribute.<br><strong> <img src="https://us.v-cdn.net/6032361/uploads/migrated/7MRBCOMN7N35/mceclip5.png" alt="mceclip5.png" class="embedImage-img importedEmbed-img"></img></strong> </li> <li> </li> <li><strong>Select Add Custom Attribute Map.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/622JY4PJ3SXJ/mceclip6.png" alt="mceclip6.png" class="embedImage-img importedEmbed-img"></img><br></strong></li> <li>Add the following attributes.<br>Attribute Value: {User.PrincipleName}<br>Issue As type: <br><a href="/home/leaving?allowTrusted=1&target=http%3A%2F%2Fschemas.xmlsoap.org%2Fws%2F2005%2F05%2Fidentity%2Fclaims%2Fnameidentifier">http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier</a><br><br></li> <li>This should only leave the following attribute.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/AFX23Q115Q0P/mceclip7.png" alt="mceclip7.png" class="embedImage-img importedEmbed-img"></img><br></li> <li>Select <strong>Permissions</strong>.</li> <li>Select <strong>ADD GROUP</strong>.<br>Select the VSA Users Group.<br>Select <strong>ADD GROUP</strong>.</li> <li>Select <strong>Add Application</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/IOWI61BYYYO5/8-png.png" alt="" class="embedImage-img importedEmbed-img"></img><img src="https://us.v-cdn.net/6032361/uploads/migrated/C08UXCN19D9I/mceclip8.png" alt="mceclip8.png" class="embedImage-img importedEmbed-img"></img></li> </ol><p> This should bring you to the Application Library.</p> <ol><li>Select Kaseya.</li> <li>Select <strong>Signing and Encryption</strong>.</li> <li>Select <strong>Download Certificate</strong>.</li> </ol><p><strong>Note</strong>: You will need this certificate to complete the module configuration within VSA.</p> <p>Next you will need give the user access to the VSA Users group. This will allow the users to see the Kaseya VSA App in the Launchpad.<br>Select <strong>Directory Manager</strong>.</p> <p>Select <strong>Groups</strong>.</p> <p>Select the VSA Users group.</p> <p>Select Add groups icon.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/C08UXCN19D9I/mceclip8.png" alt="mceclip8.png" class="embedImage-img importedEmbed-img"></img><br>Select the users you wish to add to the group. Select <strong>ADD USERS</strong>.</p> <p> </p> <p><strong>Configure AuthAnvil Module within Virtual System Administrator (VSA)</strong></p> <ol><li>Log into Virtual System Administrator (VSA).</li> <li>Select <strong>AuthAnvil</strong>.</li> <li>Select <strong>Configure Kaseya Logon</strong>.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/V91VCRWQ91HB/mceclip9.png" alt="mceclip9.png" class="embedImage-img importedEmbed-img"></img></li> <li>Under <strong>Kaseya Single Sign On Configuration</strong> </li> <li>Select enable Single Sign On to Kaseya.<br>Update the<strong> Reply to URL</strong>: <a href="/home/leaving?allowTrusted=1&target=https%3A%2F%2F%28YourKaseyaServer%29%2Fvsapres%2Fweb20%2Fcore%2Fssologin.aspx">https://(YourKaseyaServer)/vsapres/web20/core/ssologin.aspx</a><br><strong>Note</strong>: Replace (YourKaseyaServer) with the fully qualified domain name of your Virtual System Administrator (VSA) Server.<br>Upload the certificate previously downloaded from the AuthAnvil Server.<br><img src="https://us.v-cdn.net/6032361/uploads/migrated/QGAFZP8YKUU9/mceclip10.png" alt="mceclip10.png" class="embedImage-img importedEmbed-img"></img></li> <li>Select <strong>Save Settings</strong>.</li> </ol><p>You should now be able to log into Virtual System Administrator (VSA) via the tenant launchpad.</p> </article> </main>