To enforce additional security to all users that have access to Veeam Service Provider Console without enabling MFA for each of them one by one, you can apply MFA policies. MFA policies allow you to enable MFA for all users of your organization as well as managed resellers and companies.
To perform this task, a user must have the following role assigned: Portal Administrator.
To apply policies:
- Log in to Veeam Service Provider Console.
For details, see Accessing Veeam Service Provider Console.
- At the top right corner of the Veeam Service Provider Console window, click Configuration.
- In the configuration menu on the left, click Security.
- On the Multi-Factor Authentication tab, set one or both toggles of the following options to On.
- Enforce MFA for clients and resellers — enables MFA for all users of the managed companies and resellers.
- Enforce MFA for your company users — enables MFA for all users of your organization.
The Server time sync status indicates whether current time in the Veeam Service Provider Console server is synchronized with the NTP server. If it does not have the OK value, the policies can not be applied.
On the next authorization session, each user in the scope of an applied policy must configure MFA by going through the Multi-Factor Authentication step of the Edit User wizard as described in the Filling User Profile section.