Active Directory-Based Identity Management
Centrify Identity Service, Mac Edition centralizes authentication, administration and Group Policy management of Macs and mobile devices within Active Directory. This enables IT to provide end-users with their platform of choice without sacrificing efficiency or security. Users get secure, single sign-on to all their apps and devices — no matter how complex the environment — while admins can leverage familiar Windows-based tools, thereby reducing Mac and mobile device management costs.
Centrify’s Active Directory-based administration also enables separation of duties, so Mac administrators within a department can be granted the specific rights required to perform their jobs. Centrify’s non-intrusive solution deploys without installing software on domain controllers or requiring any changes to the Active Directory schema.
As a complement to its proven, agent-based approach for Active Directory authentication, Centrify also includes a cloud-based option for securing and managing Macs that are remote and/or not connected to the corporate network.
Key features and benefits include:
Best-in-Class Active Directory (AD) Integration
- Robust support for Active Directory-based management and user login for Macs, even with multiple domains or forests with one- or two-way trusts
- Seamless integration of Macs and mobile devices into Active Directory-based management without any changes to the AD schema
Advanced Identity Management
Auto-zone or Zone-based user identities simplify enterprise integration:
- Automatic management of Mac user identities for normal workstation use in typical Windows-centric environments
- Granular Zone-based identity management to integrate Macs into more complex environments where interoperability with other UNIX or Linux file services is required
Granular User Access Management
Flexible authorization controls enable access to Macs for specific users or groups of users:
- Assign a Mac to an individual user, such as an executive, for exclusive access, while also enabling access by authorized support staff
- Enforce stringent access controls to ensure that only authorized users can log in
Automated Home Directory Management
Set up home directories for both mobile and network users.
- Configure home directories to match the user access model: Laptop users with a local home directory and offline access; network users with centralized file servers; and classroom-type configurations where users have network-based home directories
- Provide full access to network directories via AFP, SMB or DFS or locally
SSO to Enterprise Apps, Data and Services
Mac and mobile users can access enterprise applications and services seamlessly, just like Windows users.
- Users get the same single sign-on experience accessing enterprise services and applications such as file servers, printers, intranet websites, Kerberized apps, and Microsoft applications, including Exchange, SQL and IIS servers
- Mac and mobile users enjoy the same level of support and seamless access to the enterprise as Windows users