Active Directory-Based Identity Management

Centrify Identity Service, Mac Edition centralizes authentication, administration and Group Policy management of Macs and mobile devices within Active Directory. This enables IT to provide end-users with their platform of choice without sacrificing efficiency or security. Users get secure, single sign-on to all their apps and devices — no matter how complex the environment — while admins can leverage familiar Windows-based tools, thereby reducing Mac and mobile device management costs.

Centrify’s Active Directory-based administration also enables separation of duties, so Mac administrators within a department can be granted the specific rights required to perform their jobs. Centrify’s non-intrusive solution deploys without installing software on domain controllers or requiring any changes to the Active Directory schema.

As a complement to its proven, agent-based approach for Active Directory authentication, Centrify also includes a cloud-based option for securing and managing Macs that are remote and/or not connected to the corporate network.

Best-in-Class Active Directory (AD) Integration

  • Robust support for Active Directory-based management and user login for Macs, even with multiple domains or forests with one- or two-way trusts
  • Seamless integration of Macs and mobile devices into Active Directory-based management without any changes to the AD schema

Advanced Identity Management

Auto-zone or Zone-based user identities simplify enterprise integration:

  • Automatic management of Mac user identities for normal workstation use in typical Windows-centric environments
  • Granular Zone-based identity management to integrate Macs into more complex environments where interoperability with other UNIX or Linux file services is required

Granular User Access Management

Flexible authorization controls enable access to Macs for specific users or groups of users:

  • Assign a Mac to an individual user, such as an executive, for exclusive access, while also enabling access by authorized support staff
  • Enforce stringent access controls to ensure that only authorized users can log in

Automated Home Directory Management

Set up home directories for both mobile and network users.

  • Configure home directories to match the user access model: Laptop users with a local home directory and offline access; network users with centralized file servers; and classroom-type configurations where users have network-based home directories
  • Provide full access to network directories via AFP, SMB or DFS or locally

SSO to Enterprise Apps, Data and Services

Mac and mobile users can access enterprise applications and services seamlessly, just like Windows users.

  • Users get the same single sign-on experience accessing enterprise services and applications such as file servers, printers, intranet websites, Kerberized apps, and Microsoft applications, including Exchange, SQL and IIS servers
  • Mac and mobile users enjoy the same level of support and seamless access to the enterprise as Windows users