Identity Consolidation

Migration and Automation

Benefit from the extensive tools built on the experience of thousands of successful deployments in organizations around the world. Centrify deploys rapidly, without interfering with existing tools and practices.

The Right Tools for Consolidating Identity and Access

A heterogeneous data center with hundreds or thousands of servers requires robust deployment, migration and automation tools to accelerate and streamline the identity consolidation process. Centrify has built such tools as a result of more than a decade of experience and thousands of successful deployments.

Integration into Existing Tools

Leveraging tools your team is already familiar with, Centrify provides Microsoft Active Directory Users and Computers (ADUC) and Group Policy Object Editor (GPOE) extensions to allow for delegated administration. Day-to-day administration stays within the existing tools and processes that are already established in your organization.

System Analysis and Risk Assessment

The Centrify Identity Risk Assessor (CIRA) scans server environments to locate identity-related risks on Linux and UNIX servers. CIRA correlates these findings into a comprehensive set of dashboards and reports capturing identity vulnerabilities and compliance violations that compare exposures to recommended best practices.

Automated Discovery and Deployment

Organizations deploying to hundreds or thousands of systems use the Deployment Manager to automatically discover candidate systems, download the correct package for each individual system, analyze each system for issues that might prevent successful integration, and deploy the agent to join the system to Active Directory.

Migration Wizard

Centrify enables you to retire redundant and legacy identity stores by managing non-Windows identities through Active Directory. The Migration Wizard accelerates deployment by importing user and group information from outside sources such as NIS, NIS+ and /etc/passwd into Active Directory. The Wizard checks for duplicate IDs and gives you options for resolving conflicts.

Centralized Management

Centrify's management tools centralize the discovery, management and user administration of systems through Active Directory. With Access Manager you can configure the UNIX profile of Active Directory users, manage computer properties, and create and manage Centrify Zones and their memberships.

Powerful and Time-saving Automation

Centrify also provides a comprehensive set of UNIX command-line and PowerShell tools designed to enable administrators to manage Zone and UNIX data as well as Active Directory accounts and groups. These command-line tools have also been carefully crafted to support different output options so that they can be integrated with in-house automation or provisioning scripts.


To enhance security and enable single sign-on with your Active Directory account, Centrify delivers a packaged and tested version of PuTTY that works seamlessly with Linux and UNIX systems. This allows users to authenticate against Active Directory and provides single-sign-on to logged-in users. This ensures enforcement of the applicable privileges for a user, based on their role(s). Centrify also enables you to centrally configure security settings for PuTTY using Windows Group Policy.


Centrify provides a version of OpenSSH that is built with the Centrify Kerberos libraries to ensure that single sign-on works seamlessly in an Active Directory environment and ensures enforcement of privileges and roles defined in Centrify. This provides several advantages: the OpenSSH client and server are pre-configured to automatically support PAM and Kerberos, there's no need for DNS-to-realm mapping and there is no need for a .k5login file in the user's home directory.


To ensure that privileges and data access rights are maintained and enforced across platforms, Centrify provides Centrify-enabled Samba. When a Windows user saves a file on a UNIX share, Samba must assign UNIX user and group IDs to the file. Windows users do not typically have UNIX profiles, so Samba will set and store arbitrary values for these attributes on each UNIX server. Centrify-enabled Samba solves this on Linux and UNIX systems joined to Active Directory by assigning the appropriate user and group ids based on the person saving the file.

Centrify Deployment Report Utility

The Centrify Deployment Report Utility collects information about the Centrify Server Suite software you have deployed, including how many licenses you have available, and the number of licenses currently in use. You can use this utility to generate a report that provides a summary and detailed information about the different types of licenses you have purchased for access control, privilege management and auditing and where active licenses are being used.