AuthLite Interactive Documentation
Quick Start: Install and protect Domain Admins AuthLite Features Supported Tokens Installation and Upgrading Configuration Token Management How to Log In Troubleshooting
Forced 2-Factor Processes list
Forced 2-Factor Processes list

Sometimes Group Policy isn't granular enough to enforce what you need on a server.  (If your AuthLite users have on-premises Exchange mailboxes for example, and need ActiveSync access to them.)

So we need a way to enforce only some processes on a machine.  This is accomplished by configuring the “Forced 2-Factor Processes” list on the server. Each string you enter will be matched against the command-line of the calling process. If there is a match, then two-factor authentication will be enforced for AuthLite users for that process.

Note: This feature is configured on each member server independently.

RDP Forcing

Note: You should use Group Policy instead of this feature, in most cases.

To enforce two-factor authentication for the server when Remote Desktop is used, select that checkbox.

System Forcing

Certain services may perform authentication inside the Windows kernel, thus there is a checkbox to force these processes to require 2-factor for AuthLite users.