CUSTOMER SUPPORT PORTAL

Documentation & Application Notes

This page includes all Centrify product documentation, plus application notes that show you how to set up Active Directory authentication for third-party applications.

Centrify Server Suite 2016 Documentation

Release Notes & Upgrade Guide

Check the release notes for information about what’s included in a specific release, that release’s system requirements and supported platforms, and any additional information that may not be included in the accompanying Centrify DirectControl documentation. The upgrade guides describe the steps necessary to successfully upgrade to a specific version of Centrify DirectControl, with particular regard to those computers running multiple Centrify packages.

Centrify Server Suite 2016 Upgrade Guide

Centrify Server Suite 2016 Update 1
Centrify Server Suite 2016

Quick Start & Evaluation Guides

Quick Start Guide for Linux and UNIX

Provides a brief summary of the steps for installing and getting started with Centrify software.

Quick Start Guide for Mac OS X

Explains how to set up the Windows and Active Directory elements that you must have in place before installing Centrify User Suite, Mac Edition (Centrify for Mac), and provides a brief summary of the steps for installing and getting started quickly with Centrify for Mac.

Quick Start Guide for Deployment Manager

Provides a brief summary of the steps for installing and using Deployment Manager.

Quick Start Guide for Multi-factor Authentication

You can configure multi-factor authentication based on user roles or computer roles, for specific applications or for individual commands. You can also skip multi-factor authentication for applications that don’t support it or for other reasons on a case-by-case basis by enabling and applying group policy or by setting configuration parameters.

Quick Start Guide for CIRA

The Centrify Identity Risk Assessor (CIRA) is a risk management feature of the Centrify Server Suite that scans server environments to locate identity-related risks on Linux and UNIX servers. CIRA correlates these findings into a comprehensive report capturing identity vulnerabilities and compliance violations that compare exposures to recommended best practices. Centrify’s experience in securing access controls and auditing servers both on premise and in the cloud with more than 5,000 customers uniquely positions it to provide the level of insight organizations need to expose, understand, and mitigate identity-related risks, ultimately reducing insider threat.

Evaluation Guide for Linux and UNIX

This guide shows you how to install and configure the Centrify software on a Windows computer joined to an Active Directory domain controller and on the Linux and UNIX computers you want to manage. After you install the software, you can follow the steps in this guide to create Active Directory users and groups and set up a test environment with Centrify zones, roles, privileges, and group policies. Through this test environment, you can see how Centrify enables you to control users access, manage privileges, and monitor activity on UNIX and Linux computers in your organization.

Evaluation Guide for Windows

This guide shows you how to install and configure an environment suitable for evaluating Centrify access and auditing features in a Windows-only environment.

Centrify Server Suite Evaluation Checklist

Provides you with an organized feature list that helps you step through all of the key product features during your evaluation. You can customize the list by adjusting the level of importance for any specific feature, enabling you to produce a weighted score that better reflects the value of the Centrify solution in your specific environment.

Centrify for Mac Evaluation Checklist

Provides you with an organized feature list that helps you step through all of the key product features during your evaluation. You can customize the list by adjusting the level of importance for any specific feature, enabling you to produce a weighted score that better reflects the value of the Centrify solution in your specific environment.

Administrator’s Guides

Deployment Manager Guide

Provides complete information for using Deployment Manager to deploy Centrify Server Suite software. This guide is intended for administrators who are responsible for managing user access to servers, workstations, enterprise applications, and network resources.

Administrator’s Guide for Linux and UNIX

This guide shows you how to use Centrify software to manage user and group profiles, role-based access rights, and delegated administrative activity for Linux and UNIX computers. This guide focuses exclusively on the management of identity attributes, rights, roles, role assignments, and privileges that apply to Linux and UNIX computers

Administrator’s Guide for NIS

Provides complete information for installing, configuring and using the Centrify Server Suite Network Information Service (adnisd) to provide authentication and centralized network information from Active Directory to Network Information Services (NIS) clients in a heterogeneous environment. Centrify Server Suite Network Information Service is an optional addition to Centrify Server Suite and the DirectControl agent.

Administrator’s Guide for Mac OS X

Explains how to install Centrify for Mac on Mac computers and describes how to manage user, groups, computers, and Zones. This guide focuses on issues and tasks that are specific or unique to a Mac OS X environment.

Administrator’s Guide for Windows

The Centrify Server Suite Administrator’s Guide for Windows describes how to install and configure Centrify software to manage access rights, elevated permissions, and role-based auditing for Windows computers. This guide focuses exclusively on the management of rights, roles, role assignments, privileges for application and network resources, and auditing requirements that apply to Windows computers.

Administrator's Guide for DirectAudit

Provides complete information for installing and configuring the auditing infrastructure, including guidelines for planning your deployment, managing audited activity, and how to use Audit Analyzer to find and replay captured user sessions. Centrify software helps you comply with regulatory requirements and improve accountability by collecting detailed information about user activity on Linux, UNIX, and Windows computers. The Centrify auditing features enable you to monitor user activity for immediate analysis or specific incidents, such as application failures or security breaches.

Administrator’s Guide for DirectSecure

Provides information for installing, configuring, and troubleshooting Centrify DirectSecure. Centrify DirectSecure enables you to manage IP Security Policies on UNIX computers using Active Directory group policies. The IP Security Policies protect sensitive information by isolating trusted computers on the network and enabling end-to-end encryption of data in motion. If you are familiar with Active Directory group policies, group policy objects, and how to configure and apply IP Security policies on Windows computers, this guide notes where DirectSecure IP Security policies differ from the policies defined on Windows.

Administrator’s Guide for Reports

Centrify Report Services provides reports on your Active Directory environment and in a format that’s optimized for reporting. You can synchronize the Active Directory information to your reporting database, and then allow your users access to just the reporting data.

RSA SecurID Token Configuration for UNIX/Linux Computers

This document describes the steps necessary to install and configure DirectControl and RSA SecurID to enable two factor authentication for Unix/Linux environments.

Audit Events

Audit Events Administrator’s Guide

This guide is for individuals who need to extract audit event information from UNIX and Linux syslogs and Windows application event logs. Audit events are organized into categories in the Audit Analyzer and these categories are identified in this document.

Audit Trail Event List

Documents all the audit trail events generated by Centrify Server Suite. This is intended for administrators who want to monitor Centrify Server Suite related events using Security information and event management (SIEM) tools.

User’s Guides

User’s Guide for Windows

Describes how you select and use the roles you have been assigned to get privileged access to applications and network resources. If your organization has deployed Centrify Server Suite 2016 and installed agents on Windows computers, an administrator should have prepared your computer and any remote servers you use and assigned one or more roles with specific access rights to your account.

Deployment Report Readme

The Centrify deployment report utility collects information about the Centrify software you have deployed, including how many licenses you have available, and the number of licenses currently in use. You can use this utility to generate a report that provides a summary and detailed information about the different types of licenses you have purchased for access control, privilege management, and auditing and where active licenses are being used.

Planning & Configuration Guides

Planning and Deployment Guide

Provides conceptual and technical information to help you plan and manage the initial deployment of Centrify software to provide secure authentication, authorization, and configuration services through Microsoft Active Directory. It includes instructions and best practices for planning a deployment, installing the software, migrating existing accounts, and developing a basic set of roles.

Configuration and Tuning Reference Guide

Provides reference information for Centrify configuration parameters. Configuration parameters can be set locally on Linux, UNIX, and Mac OS X computers to fine tune the operation of Centrify Server Suite components and subsystems. Centrify Server Suite is an integrated software solution that delivers secure access control and centralized identity management through Microsoft Active Directory. With Centrify software, your organization can improve IT efficiency, regulatory compliance, and security for on-premise, mobile, and hosted resources.

Group Policy Guide

Describes the Centrify group policies that are available in the Centrify Server Suite for cross-platform access control and privilege management. These group policies allow you to centrally manage computer and user configuration settings through the Microsoft Group Policy Objects.

Smart Card for Red Hat Configuration Guide

This document explains how to set up smart card authentication for logging on to Red Hat Linux computers.

Programmer’s Guides

Auditing and Analysis Scripting Guide

This guide describes the Centrify Audit Module for Windows PowerShell command set. These PowerShell cmdlets run on Windows computers and can be used to automate auditing-related management tasks, such as the creation of new audit store databases. You can also use the cmdlets to get or set properties for an installation and perform other administrative tasks.

ADEdit Programmer’s Guide

This guide shows you how to use the Centrify ADEdit command-line interface to manage Centrify objects stored in Microsoft Active Directory. ADEdit is a Tool command language (Tcl) application that enables administrators to run commands and write scripts that modify data in Active Directory directly from their Linux or UNIX console.

Access Control and Privilege Management Scripting Guide

Describes the Centrify DirectManage PowerShell-based command set. These PowerShell cmdlets run on Windows computers and can be used to automate access control and privilege management tasks, such as the creation of Centrify zones, rights, and roles. You can also use the cmdlets to perform other administrative tasks. For example, you can write scripts to add UNIX profiles for Active Directory users and groups to Centrify zones, assign UNIX and Windows users and groups to roles, and manage network information through NIS maps.

Centrify Windows API Programmer’s Guide

This document provides reference information and examples for programmers who plan to use the Centrify Server Suite SDK to develop programs for Windows and UNIX environments. It includes information for managing both Windows and UNIX computers and for managing the Active Directory data associated with UNIX users, groups, computers, and network maps. Much of the information in this guide is primarily intended for developers writing programs to provision UNIX users and groups into an Active Directory environment.

Database Management Guide

This guide is intended for database administrators who are responsible for preparing and maintaining the databases required to store audit-related information. If you are a Centrify administrator, but not a Microsoft SQL Server administrator, you should review the information in this guide with your Microsoft SQL Server system administrator.

Authentication Guides

Hadoop: Centrify Identity and Access Management for Cloudera

Provides instructions for integrating Centrify and Cloudera, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in Cloudera clusters.

Hadoop: Centrify Identity and Access Management for Hortonworks

Provides instructions for integrating Centrify and Hortonworks, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in Hortonworks clusters.

Hadoop: Centrify Identity and Access Management for MapR

Provides instructions for integrating Centrify and MapR, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in MapR clusters.

NoSQL: Centrify Identity and Access Management for Couchbase

Provides instructions for integrating Centrify and Couchbase, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in Couchbase clusters.

NoSQL: Centrify Identity and Access Management for DataStax

Provides instructions for integrating Centrify and DataStax, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in DataStax clusters.

NoSQL: Centrify Identity and Access Management for MongoDB

Provides instructions for integrating Centrify and MongoDB, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in MongoDB clusters.

Authentication Guide for Apache Servers

This guide explains how to install and configure the Centrify web application support package for Apache servers. This package enables you to provide Active Directory authentication for web browser clients on Apache servers.

Authentication Guide for Java Applications

This guide explains how to install and configure the Centrify web application support package for Java applications running on Tomcat, JBoss, WebLogic, and WebSphere application servers. This package enables you to provide Active Directory authentication for web browser clients on Linux, UNIX, or Windows servers.

Authentication Guide for Active Directory Federation Services

This guide shows you how to configure single sign-on to Internet applications through federated identity authentication. This guide explains how to configure Centrify software for Apache, Tomcat, JBoss, WebLogic and WebSphere servers through the use of simple, sample applications. These sample applications enable you to test and verify configuration settings before deploying in a production environment.

Authentication Guide for SAP

This guide shows you how to enable SAP Enterprise Resource Planning (ERP) and SAP R/3 users to authenticate to SAP via the SAP GUI client application on a Windows workstation, without having to type in a user ID and password. With this solution, users who has been properly configured with an SAP account can access the desired SAP business application using their Active Directory user credentials. The user gains single sign-on capability, increasing user acceptance and reducing support desk calls to reset passwords and unlock accounts. In addition, the administrator can disable the user account centrally in Active Directory and immediately remove the user's access to SAP.

Authentication Guide for Netweaver AS Java

This document describes DirectControl for NetWeaver, which enables NetWeaver J2EE applications to use DirectControl as their authentication mechanism, provides users with single sign-on (SSO) capability, and enables the administrator to disable user accounts centrally in Active Directory (AD).

Authentication Guide for IBM DB2

This document describes how to extend DirectControl's authentication services to DB2® database instances. This solution allows you to use Microsoft Active Directory as the centralized authentication and access control data store in a heterogeneous environment containing Windows and UNIX computers, as well as DB2 relational database management systems.

Centrify Server Suite 2015 Documentation

Release Notes & Upgrade Guide

Check the release notes for information about what’s included in a specific release, that release’s system requirements and supported platforms, and any additional information that may not be included in the accompanying Centrify DirectControl documentation. The upgrade guides describe the steps necessary to successfully upgrade to a specific version of Centrify DirectControl, with particular regard to those computers running multiple Centrify packages.

Centrify Server Suite 2015 Upgrade Guide

Centrify Server Suite 2015 Update 1
Centrify Server Suite 2015

Quick Start & Evaluation Guides

Quick Start Guide for Linux and UNIX

Provides a brief summary of the steps for installing and getting started with Centrify software.

Quick Start Guide for Mac OS X

Explains how to set up the Windows and Active Directory elements that you must have in place before installing Centrify User Suite, Mac Edition (Centrify for Mac), and provides a brief summary of the steps for installing and getting started quickly with Centrify for Mac.

Quick Start Guide for Deployment Manager

Provides a brief summary of the steps for installing and using Deployment Manager.

Quick Start Guide for CIRA

The Centrify Identity Risk Assessor (CIRA) is a risk management feature of the Centrify Server Suite that scans server environments to locate identity-related risks on Linux and UNIX servers. CIRA correlates these findings into a comprehensive report capturing identity vulnerabilities and compliance violations that compare exposures to recommended best practices. Centrify’s experience in securing access controls and auditing servers both on premise and in the cloud with more than 5,000 customers uniquely positions it to provide the level of insight organizations need to expose, understand, and mitigate identity-related risks, ultimately reducing insider threat.

Evaluation Guide for Linux and UNIX

This guide shows you how to install and configure the Centrify software on a Windows computer joined to an Active Directory domain controller and on the Linux and UNIX computers you want to manage. After you install the software, you can follow the steps in this guide to create Active Directory users and groups and set up a test environment with Centrify zones, roles, privileges, and group policies. Through this test environment, you can see how Centrify enables you to control users access, manage privileges, and monitor activity on UNIX and Linux computers in your organization.

Evaluation Guide for Windows

This guide shows you how to install and configure an environment suitable for evaluating Centrify access and auditing features in a Windows-only environment.

Centrify Server Suite Evaluation Checklist

Provides you with an organized feature list that helps you step through all of the key product features during your evaluation. You can customize the list by adjusting the level of importance for any specific feature, enabling you to produce a weighted score that better reflects the value of the Centrify solution in your specific environment.

Centrify for Mac Evaluation Checklist

Provides you with an organized feature list that helps you step through all of the key product features during your evaluation. You can customize the list by adjusting the level of importance for any specific feature, enabling you to produce a weighted score that better reflects the value of the Centrify solution in your specific environment.

Administrator’s Guides

Deployment Manager Guide

Provides complete information for using Deployment Manager to deploy Centrify Server Suite software. This guide is intended for administrators who are responsible for managing user access to servers, workstations, enterprise applications, and network resources.

Administrator’s Guide for Linux and UNIX

This guide shows you how to use Centrify software to manage user and group profiles, role-based access rights, and delegated administrative activity for Linux and UNIX computers. This guide focuses exclusively on the management of identity attributes, rights, roles, role assignments, and privileges that apply to Linux and UNIX computers

Administrator’s Guide for NIS

Provides complete information for installing, configuring and using the Centrify Server Suite Network Information Service (adnisd) to provide authentication and centralized network information from Active Directory to Network Information Services (NIS) clients in a heterogeneous environment. Centrify Server Suite Network Information Service is an optional addition to Centrify Server Suite and the DirectControl agent.

Administrator’s Guide for Mac OS X

Explains how to install Centrify for Mac on Mac computers and describes how to manage user, groups, computers, and Zones. This guide focuses on issues and tasks that are specific or unique to a Mac OS X environment.

Administrator’s Guide for Windows

The Centrify Server Suite Administrator’s Guide for Windows describes how to install and configure Centrify software to manage access rights, elevated permissions, and role-based auditing for Windows computers. This guide focuses exclusively on the management of rights, roles, role assignments, privileges for application and network resources, and auditing requirements that apply to Windows computers.

Administrator's Guide for DirectAudit

Provides complete information for installing and configuring the auditing infrastructure, including guidelines for planning your deployment, managing audited activity, and how to use Audit Analyzer to find and replay captured user sessions. Centrify software helps you comply with regulatory requirements and improve accountability by collecting detailed information about user activity on Linux, UNIX, and Windows computers. The Centrify auditing features enable you to monitor user activity for immediate analysis or specific incidents, such as application failures or security breaches.

Administrator’s Guide for DirectSecure

Provides information for installing, configuring, and troubleshooting Centrify DirectSecure. Centrify DirectSecure enables you to manage IP Security Policies on UNIX computers using Active Directory group policies. The IP Security Policies protect sensitive information by isolating trusted computers on the network and enabling end-to-end encryption of data in motion. If you are familiar with Active Directory group policies, group policy objects, and how to configure and apply IP Security policies on Windows computers, this guide notes where DirectSecure IP Security policies differ from the policies defined on Windows.

Audit Trail Event List

Documents all the audit trail events generated by Centrify Server Suite. This is intended for administrators who want to monitor Centrify Server Suite related events using Security information and event management (SIEM) tools.

User’s Guides

User’s Guide for Windows

Describes how you select and use the roles you have been assigned to get privileged access to applications and network resources. If your organization has deployed Centrify Server Suite 2015 and installed agents on Windows computers, an administrator should have prepared your computer and any remote servers you use and assigned one or more roles with specific access rights to your account.

Deployment Report Readme

The Centrify deployment report utility collects information about the Centrify software you have deployed, including how many licenses you have available, and the number of licenses currently in use. You can use this utility to generate a report that provides a summary and detailed information about the different types of licenses you have purchased for access control, privilege management, and auditing and where active licenses are being used.

Planning & Configuration Guides

Planning and Deployment Guide

Provides conceptual and technical information to help you plan and manage the initial deployment of Centrify software to provide secure authentication, authorization, and configuration services through Microsoft Active Directory. It includes instructions and best practices for planning a deployment, installing the software, migrating existing accounts, and developing a basic set of roles.

Configuration and Tuning Reference Guide

Provides reference information for Centrify configuration parameters. Configuration parameters can be set locally on Linux, UNIX, and Mac OS X computers to fine tune the operation of Centrify Server Suite components and subsystems. Centrify Server Suite is an integrated software solution that delivers secure access control and centralized identity management through Microsoft Active Directory. With Centrify software, your organization can improve IT efficiency, regulatory compliance, and security for on-premise, mobile, and hosted resources.

Group Policy Guide

Describes the Centrify group policies that are available in the Centrify Server Suite for cross-platform access control and privilege management. These group policies allow you to centrally manage computer and user configuration settings through the Microsoft Group Policy Objects.

Smart Card for Red Hat Configuration Guide

This document explains how to set up smart card authentication for logging on to Red Hat Linux computers.

Programmer’s Guides

ADEdit Programmer’s Guide

This guide shows you how to use the Centrify ADEdit command-line interface to manage Centrify objects stored in Microsoft Active Directory. ADEdit is a Tool command language (Tcl) application that enables administrators to run commands and write scripts that modify data in Active Directory directly from their Linux or UNIX console.

Access Control and Privilege Management Scripting Guide

Describes the Centrify DirectManage PowerShell-based command set. These PowerShell cmdlets run on Windows computers and can be used to automate access control and privilege management tasks, such as the creation of Centrify zones, rights, and roles. You can also use the cmdlets to perform other administrative tasks. For example, you can write scripts to add UNIX profiles for Active Directory users and groups to Centrify zones, assign UNIX and Windows users and groups to roles, and manage network information through NIS maps.

Centrify Windows API Programmer’s Guide

This document provides reference information and examples for programmers who plan to use the Centrify Server Suite SDK to develop programs for Windows and UNIX environments. It includes information for managing both Windows and UNIX computers and for managing the Active Directory data associated with UNIX users, groups, computers, and network maps. Much of the information in this guide is primarily intended for developers writing programs to provision UNIX users and groups into an Active Directory environment.

Database Management Guide

This guide is intended for database administrators who are responsible for preparing and maintaining the databases required to store audit-related information. If you are a Centrify administrator, but not a Microsoft SQL Server administrator, you should review the information in this guide with your Microsoft SQL Server system administrator.

Authentication Guides

Hadoop: Centrify Identity and Access Management for Cloudera

Provides instructions for integrating Centrify and Cloudera, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in Cloudera clusters.

Hadoop: Centrify Identity and Access Management for Hortonworks

Provides instructions for integrating Centrify and Hortonworks, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in Hortonworks clusters.

Hadoop: Centrify Identity and Access Management for MapR

Provides instructions for integrating Centrify and MapR, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in MapR clusters.

NoSQL: Centrify Identity and Access Management for Couchbase

Provides instructions for integrating Centrify and Couchbase, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in Couchbase clusters.

NoSQL: Centrify Identity and Access Management for DataStax

Provides instructions for integrating Centrify and DataStax, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in DataStax clusters.

NoSQL: Centrify Identity and Access Management for MongoDB

Provides instructions for integrating Centrify and MongoDB, allowing you to use your organization's existing Active Directory infrastructure to deliver access control, privilege management, and user-level auditing in MongoDB clusters.

Authentication Guide for Apache Servers

This guide explains how to install and configure the Centrify web application support package for Apache servers. This package enables you to provide Active Directory authentication for web browser clients on Apache servers.

Authentication Guide for Java Applications

This guide explains how to install and configure the Centrify web application support package for Java applications running on Tomcat, JBoss, WebLogic, and WebSphere application servers. This package enables you to provide Active Directory authentication for web browser clients on Linux, UNIX, or Windows servers.

Authentication Guide for Active Directory Federation Services

This guide shows you how to configure single sign-on to Internet applications through federated identity authentication. This guide explains how to configure Centrify software for Apache, Tomcat, JBoss, WebLogic and WebSphere servers through the use of simple, sample applications. These sample applications enable you to test and verify configuration settings before deploying in a production environment.

Authentication Guide for SAP

This guide shows you how to enable SAP Enterprise Resource Planning (ERP) and SAP R/3 users to authenticate to SAP via the SAP GUI client application on a Windows workstation, without having to type in a user ID and password. With this solution, users who has been properly configured with an SAP account can access the desired SAP business application using their Active Directory user credentials. The user gains single sign-on capability, increasing user acceptance and reducing support desk calls to reset passwords and unlock accounts. In addition, the administrator can disable the user account centrally in Active Directory and immediately remove the user's access to SAP.

Authentication Guide for Netweaver AS Java

This document describes DirectControl for NetWeaver, which enables NetWeaver J2EE applications to use DirectControl as their authentication mechanism, provides users with single sign-on (SSO) capability, and enables the administrator to disable user accounts centrally in Active Directory (AD).

Authentication Guide for IBM DB2

This document describes how to extend DirectControl's authentication services to DB2® database instances. This solution allows you to use Microsoft Active Directory as the centralized authentication and access control data store in a heterogeneous environment containing Windows and UNIX computers, as well as DB2 relational database management systems.

Centrify Server Suite 2014 Documentation

Release Notes & Upgrade Guide

Check the release notes for information about what’s included in a specific release, that release’s system requirements and supported platforms, and any additional information that may not be included in the accompanying Centrify DirectControl documentation. The upgrade guides describe the steps necessary to successfully upgrade to a specific version of Centrify DirectControl, with particular regard to those computers running multiple Centrify packages.

Centrify Server Suite 2014 Upgrade Guide

Centrify Server Suite 2014 Update 1
Centrify Server Suite 2014

Quick Start & Evaluation Guides

Quick Start Guide for Linux and UNIX

Provides a brief summary of the steps for installing and getting started with Centrify software.

Quick Start Guide for Mac OS X

Explains how to set up the Windows and Active Directory elements that you must have in place before installing Centrify User Suite, Mac Edition (Centrify for Mac), and provides a brief summary of the steps for installing and getting started quickly with Centrify for Mac.

Quick Start Guide for Deployment Manager

Provides a brief summary of the steps for installing and using Deployment Manager.

Quick Start Guide for CIRA

The Centrify Identity Risk Assessor (CIRA) is a risk management feature of the Centrify Server Suite that scans server environments to locate identity-related risks on Linux and UNIX servers. CIRA correlates these findings into a comprehensive report capturing identity vulnerabilities and compliance violations that compare exposures to recommended best practices. Centrify’s experience in securing access controls and auditing servers both on premise and in the cloud with more than 5,000 customers uniquely positions it to provide the level of insight organizations need to expose, understand, and mitigate identity-related risks, ultimately reducing insider threat.

Evaluation Guide for Linux and UNIX

This guide shows you how to install and configure the Centrify software on a Windows computer joined to an Active Directory domain controller and on the Linux and UNIX computers you want to manage. After you install the software, you can follow the steps in this guide to create Active Directory users and groups and set up a test environment with Centrify zones, roles, privileges, and group policies. Through this test environment, you can see how Centrify enables you to control users access, manage privileges, and monitor activity on UNIX and Linux computers in your organization.

Evaluation Guide for Windows

This guide shows you how to install and configure an environment suitable for evaluating Centrify access and auditing features in a Windows-only environment.

Centrify Server Suite Evaluation Checklist

Provides you with an organized feature list that helps you step through all of the key product features during your evaluation. You can customize the list by adjusting the level of importance for any specific feature, enabling you to produce a weighted score that better reflects the value of the Centrify solution in your specific environment.

Centrify for Mac Evaluation Checklist

Provides you with an organized feature list that helps you step through all of the key product features during your evaluation. You can customize the list by adjusting the level of importance for any specific feature, enabling you to produce a weighted score that better reflects the value of the Centrify solution in your specific environment.

Administrator’s Guides

Deployment Manager Guide

Provides complete information for using Deployment Manager to deploy Centrify Server Suite software. This guide is intended for administrators who are responsible for managing user access to servers, workstations, enterprise applications, and network resources.

Administrator’s Guide for Linux and UNIX

This guide shows you how to use Centrify software to manage user and group profiles, role-based access rights, and delegated administrative activity for Linux and UNIX computers. This guide focuses exclusively on the management of identity attributes, rights, roles, role assignments, and privileges that apply to Linux and UNIX computers

Administrator’s Guide for NIS

Provides complete information for installing, configuring and using the Centrify Server Suite Network Information Service (adnisd) to provide authentication and centralized network information from Active Directory to Network Information Services (NIS) clients in a heterogeneous environment. Centrify Server Suite Network Information Service is an optional addition to Centrify Server Suite and the DirectControl agent.

Administrator’s Guide for Mac OS X

Explains how to install Centrify for Mac on Mac computers and describes how to manage user, groups, computers, and Zones. This guide focuses on issues and tasks that are specific or unique to a Mac OS X environment.

Administrator’s Guide for Windows

The Centrify Server Suite Administrator’s Guide for Windows describes how to install and configure Centrify software to manage access rights, elevated permissions, and role-based auditing for Windows computers. This guide focuses exclusively on the management of rights, roles, role assignments, privileges for application and network resources, and auditing requirements that apply to Windows computers.

Administrator's Guide for DirectAudit

Provides complete information for installing and configuring the auditing infrastructure, including guidelines for planning your deployment, managing audited activity, and how to use Audit Analyzer to find and replay captured user sessions. Centrify software helps you comply with regulatory requirements and improve accountability by collecting detailed information about user activity on Linux, UNIX, and Windows computers. The Centrify auditing features enable you to monitor user activity for immediate analysis or specific incidents, such as application failures or security breaches.

Administrator’s Guide for DirectSecure

Provides information for installing, configuring, and troubleshooting Centrify DirectSecure. Centrify DirectSecure enables you to manage IP Security Policies on UNIX computers using Active Directory group policies. The IP Security Policies protect sensitive information by isolating trusted computers on the network and enabling end-to-end encryption of data in motion. If you are familiar with Active Directory group policies, group policy objects, and how to configure and apply IP Security policies on Windows computers, this guide notes where DirectSecure IP Security policies differ from the policies defined on Windows.

User’s Guides

User’s Guide for Windows

Describes how you select and use the roles you have been assigned to get privileged access to applications and network resources. If your organization has deployed Centrify Server Suite 2014 and installed agents on Windows computers, an administrator should have prepared your computer and any remote servers you use and assigned one or more roles with specific access rights to your account.

Deployment Report Readme

The Centrify deployment report utility collects information about the Centrify software you have deployed, including how many licenses you have available, and the number of licenses currently in use. You can use this utility to generate a report that provides a summary and detailed information about the different types of licenses you have purchased for access control, privilege management, and auditing and where active licenses are being used.

Planning & Configuration Guides

Planning and Deployment Guide

Provides conceptual and technical information to help you plan and manage the initial deployment of Centrify software to provide secure authentication, authorization, and configuration services through Microsoft Active Directory. It includes instructions and best practices for planning a deployment, installing the software, migrating existing accounts, and developing a basic set of roles.

Configuration and Tuning Reference Guide

Provides reference information for Centrify configuration parameters. Configuration parameters can be set locally on Linux, UNIX, and Mac OS X computers to fine tune the operation of Centrify Server Suite components and subsystems. Centrify Server Suite is an integrated software solution that delivers secure access control and centralized identity management through Microsoft Active Directory. With Centrify software, your organization can improve IT efficiency, regulatory compliance, and security for on-premise, mobile, and hosted resources.

Group Policy Guide

Describes the Centrify group policies that are available in the Centrify Server Suite for cross-platform access control and privilege management. These group policies allow you to centrally manage computer and user configuration settings through the Microsoft Group Policy Objects.

Smart Card for Red Hat Configuration Guide

This document explains how to set up smart card authentication for logging on to Red Hat Linux computers.

Programmer’s Guides

ADEdit Programmer’s Guide

This guide shows you how to use the Centrify ADEdit command-line interface to manage Centrify objects stored in Microsoft Active Directory. ADEdit is a Tool command language (Tcl) application that enables administrators to run commands and write scripts that modify data in Active Directory directly from their Linux or UNIX console.

Access Control and Privilege Management Scripting Guide

Describes the Centrify DirectManage PowerShell-based command set. These PowerShell cmdlets run on Windows computers and can be used to automate access control and privilege management tasks, such as the creation of Centrify zones, rights, and roles. You can also use the cmdlets to perform other administrative tasks. For example, you can write scripts to add UNIX profiles for Active Directory users and groups to Centrify zones, assign UNIX and Windows users and groups to roles, and manage network information through NIS maps.

Centrify Windows API Programmer’s Guide

This document provides reference information and examples for programmers who plan to use the Centrify Server Suite SDK to develop programs for Windows and UNIX environments. It includes information for managing both Windows and UNIX computers and for managing the Active Directory data associated with UNIX users, groups, computers, and network maps. Much of the information in this guide is primarily intended for developers writing programs to provision UNIX users and groups into an Active Directory environment.

Database Management Guide

This guide is intended for database administrators who are responsible for preparing and maintaining the databases required to store audit-related information. If you are a Centrify administrator, but not a Microsoft SQL Server administrator, you should review the information in this guide with your Microsoft SQL Server system administrator.

Authentication Guides

Authentication Guide for Apache Servers

This guide explains how to install and configure the Centrify web application support package for Apache servers. This package enables you to provide Active Directory authentication for web browser clients on Apache servers.

Authentication Guide for Java Applications

This guide explains how to install and configure the Centrify web application support package for Java applications running on Tomcat, JBoss, WebLogic, and WebSphere application servers. This package enables you to provide Active Directory authentication for web browser clients on Linux, UNIX, or Windows servers.

Authentication Guide for Active Directory Federation Services

This guide shows you how to configure single sign-on to Internet applications through federated identity authentication. This guide explains how to configure Centrify software for Apache, Tomcat, JBoss, WebLogic and WebSphere servers through the use of simple, sample applications. These sample applications enable you to test and verify configuration settings before deploying in a production environment.

Authentication Guide for SAP

This guide shows you how to enable SAP Enterprise Resource Planning (ERP) and SAP R/3 users to authenticate to SAP via the SAP GUI client application on a Windows workstation, without having to type in a user ID and password. With this solution, users who has been properly configured with an SAP account can access the desired SAP business application using their Active Directory user credentials. The user gains single sign-on capability, increasing user acceptance and reducing support desk calls to reset passwords and unlock accounts. In addition, the administrator can disable the user account centrally in Active Directory and immediately remove the user's access to SAP.

Authentication Guide for Netweaver AS Java

This document describes DirectControl for NetWeaver, which enables NetWeaver J2EE applications to use DirectControl as their authentication mechanism, provides users with single sign-on (SSO) capability, and enables the administrator to disable user accounts centrally in Active Directory (AD).

Authentication Guide for IBM DB2

This document describes how to extend DirectControl's authentication services to DB2® database instances. This solution allows you to use Microsoft Active Directory as the centralized authentication and access control data store in a heterogeneous environment containing Windows and UNIX computers, as well as DB2 relational database management systems.

Centrify-Enabled Tools

Integration with Samba

Samba Integration Guide

Describes how to install and configure Centrify middleware to integrate the DirectControl agent with open-source Samba on a Linux or UNIX computer.

Release Notes

Centrify-Enabled PuTTY

Centrify-Enabled PuTTY Guide

PuTTY is a popular open-source tool that provides Telnet, SSH, rlogin and raw TCP client functionalities for Win32 and UNIX-based platforms. Centrify has enhanced this tool to provide Kerberos-based authentication to UNIX and Linux computers; so that it works seamlessly with DirectControl-managed systems. This document describes how to install the Centrify-enhanced PuTTY tool and configure the different Kerberos options.

Release Notes

Integration with SIEM

Splunk Integration

HP ArcSight Integration

IBM QRadar Integration