Enabling, Disabling and Resetting MFA for Company Users
You can manage MFA for specific company users.
If you configure MFA for an account that is used for integration with third party applications, that integration will stop working. To avoid that, first configure API key, as described in the Configuring API Keys section.
To enable, disable or reset MFA for specific users of a company:
- Log in to Veeam Service Provider Console.
For details, see Accessing Veeam Service Provider Console.
- At the top right corner of the Veeam Service Provider Console window, click Configuration.
- In the configuration menu on the left, click Roles & Users.
- Open the Managed Companies tab and navigate to Local Users.
- To narrow down the list of users, you can apply the following filters:
- Company — search the list of users by company to which the user belongs.
- Role — limit the list of users by role (Company Owner, Company Administrator, Location Administrator, Location User, Subtenant, Company Invoice Auditor).
- MFA status — indicates whether multi-factor authentication is enforced for user (Enforced, Not enforced, Not configured).
- Select users in the list.
- At the top of the list, click MFA.
Alternatively, you can right-click the necessary user and choose MFA.
- From the drop-down list select Enforce to enable MFA, Ignore to allow users to disable MFA or Reset to reset MFA settings.
- In the confirmation window, click Yes.
- Click OK to close the Users window.
On the next authorization session, each user will be prompted to configure MFA settings on the Multi-Factor Authentication step of the Edit User wizard as described in the Modifying Own User Profile section of the Guide for End Users.
If the Enforce MFA for all managed clients and resellers policy is enabled or MFA is enabled for the reseller that manages the selected companies, you cannot disable MFA. For details, see MFA Policies. If MFA is enabled for the company by your service provider, you cannot disable MFA.