Consolidate user accounts and groups into Active Directory and enforce separation of administrative duties. Eliminate multiple identities and ensure a "one user, one identity" framework that strengthens security, lowers IT costs and streamlines your organization. One of the strengths of the Centrify Authentication Service is to allow customers to join Linux and UNIX to Active Directory. Transforming the host system into an Active Directory client enables customers to secure these systems using the same authentication and policy services currently deployed for their Windows systems.
Harness the Power of Active Directory Across Linux and UNIX
Active Directory provides a central point of administration within Windows. But for Linux and UNIX, user identities may reside on individual servers or in separate identity silos, complicating operations and compromising security.
Organizations with hundreds or thousands of UNIX and Linux systems are plagued with managing identity on local systems or independent identity stores. With so many independent and often overlapping identity silos, consolidating identity to a single directory can be challenging and time consuming. Most other solutions require an organization to completely rationalize and homogenize all user identities before consolidation can occur.
Centrify Authentication Service unifies your IT infrastructure by centralizing identity and access management for non-Windows systems, devices and applications within your existing Active Directory infrastructure.
Centrify enables you to integrate with Active Directory:
- Natively join Linux and UNIX systems to Active Directory without installing software on the domain controller or making schema modifications.
- Automatically assess systems for identity-related risks.
- Rapidly migrate user identities into Active Directory using Centrify Zones, eliminating the need to rationalize UNIX namespaces.
- Easily move to centralized identity and access management from NIS or /etc/passwd.
- Apply consistent security policies and centrally manage compliance reporting.
- Support a centrally managed password policy and flexible user naming conventions of Active Directory.
- Associate access rights and privileges to individuals through their Active Directory accounts. Ensure accountability and enable comprehensive compliance reporting on who has access to what systems.
- Grant users the right to access only those systems required for business purposes based on their job role(s).
- Leverage the power of Centrify Zone-based access controls. Define administrative boundaries for sets of systems that have their own authorized users, administrators and security policies.
- Support real-world DNS and Active Directory environments with automatic discovery of the nearest domain controller, the global catalog, one/two-way trusts, multi-site environments, domain controller fail-over, and disjoint Active Directory-DNS namespaces.
- Automate the configuration of the Kerberos stack on Linux and UNIX, including automatic updates of keytab files and keytab versioning, automatic time synchronization with Active Directory domain controller and local caching for disconnected mode.
- Provide single sign-on (SSO) access to Linux and UNIX systems through Active Directory.
- Extend Active Directory Group Policy Management of Linux and UNIX users and computers.
- Seamlessly access servers using Centrify-enabled OpenSSH and PuTTY tools.
- Also integrate popular applications like Hadoop and NoSQL into Active Directory.
centrify authentication service
The Centrify Authentication Service data sheet outlines how customer can go beyond the vault and properly verify who requests privileged access. This can be achieved by leveraging enterprise directory identities, eliminating local accounts, and decreasing the overall number of accounts and passwords, therefore reducing the attack surface.