Applies to: Nerdio for Azure (NFA) and Nerdio Private Cloud (NPC)
Nerdio supports two-factor authentication (2FA) to secure access to your Nerdio desktops. Nerdio uses "SMS PASSCODE" services to enforce two factor authentication. The services authenticate users by sending a real-time, session-specific one-time passcode (OTP) to users' mobile phones via SMS and voice-call. Once the OTP has been validated, user is granted access to their Nerdio desktop.
- SMS Passcode is used even if no users are using 2FA. The Desktop Login logs rely on this database. Therefore, these services should be monitored even if not used for 2FA.
- SMS Passcode agent is installed on each desktop VM, both VDI and RDS. The service on each desktop/RDS VM must also stay on, be monitored and restarted if it ever goes down.
There are four SMS PASSCODE services that run on domain controller (DC01) server:
There is a service that runs on all VDI desktops (WSXX VMs) and RDS session hosts (RDSHXX and RDSCL-X VMs):
It is extremely important that SMS PASSCODE services are always up and running.
The services are on the critical path to a successful Nerdio desktop login, even if a user has been opted-out of two factor authentication. In case the SMS PASSCODE services are not running, we recommend you:
- Start all SMS PASSCODE services on DC01 and all desktops
- Set the services to restart upon failure
- Configure your RMM agent to monitor these services and automatically restart them if they stop for any reason
To learn more about how NAP implements "SMS PASSCODE" service, refer below articles:
- Access Nerdio account in case you forget your password.
- How to authenticate a user if the user doesn’t have a registered mobile number?
- You will receive all messages/calls regarding Nerdio authentication from SMS PASSCODE service number (424) 337-1337.
- In case you are not receiving any messages/calls from the SMS PASSCODE service, please check whether you have inadvertently blocked the number
- You may have sent a STOP, STOPALL, UNSUBSCRIBE, CANCEL, END or QUIT message to the SMS PASSCODE service and accidentally blocked it.
- To unblock the service, you need to send a new message to SMS PASSCODE service with START, YES or UNSTOP message.
- In case you have subscribed to the SMS PASSCODE service, however, are still not receiving any messages, it could be due to issues related to your country, carrier, or cell phone network restrictions. For example, there are some known issues using this service in India due to the government's limitations on unsolicited texts.