Centrify Cloud Connector Deployment Guide




CENTRIFY DEPLOYMENT GUIDE

Abstract

Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component of your corporate identity and access infrastructure. Our thorough approach to availability, reliability, scalability, security and privacy ensures that you can depend on Centrify as a trusted partner and provider. This document is a step-by-step guide to deploying the Centrify Cloud Connector to connect to Active Directory and/or LDAP databases.

Contents

- Abstract
- Overview
- Installing the Centrify Cloud Connector
- Enabling LDAP directory authentication
- High Availability (HA) setup
- Conclusion
- Contact Centrify

Overview

Customers who want to integrate the Centrify Cloud with their on-premises Active Directory or LDAP directory for user authentication, or to connect to on-premises applications such as SAP NetWeaver, SharePoint and others without a VPN, need to install a Centrify-supplied program called the Centrify Cloud Connector inside their environment.

The Centrify Cloud Connector is a simple Windows service that runs behind a customer's firewall to provide real-time authentication, policy and access to user profiles without synchronizing data to the cloud. The Cloud Connector integrates with Active Directory or LDAP without opening extra ports in an organization's firewall or adding devices in the DMZ, and acts as a gateway for access to on-premises applications without the need for a VPN.

The Cloud Connector delivers the following security capabilities:

- For each tenant, a unique PKI certificate is issued from the Centrify Cloud to the Cloud Connector during registration.
- All communications between the Centrify Cloud and the Centrify Cloud Connector are encrypted and mutually authenticated for each tenant using these unique certificates.
- None of the traffic between the Centrify Cloud and the Cloud Connector can be read by the Azure infrastructure.

Installing the Centrify Cloud Connector

The Centrify Cloud Connector can be downloaded directly from the tenant. To integrate Active Directory into the Centrify Cloud, the Cloud Connector must be installed on a domain-joined Windows system. To integrate an LDAP directory into the Centrify Cloud Service, the Cloud Connector must be installed on a Windows system that is able to communicate with the LDAP directory.

Initial configuration follows installation, using the Cloud Connector configuration wizard, which launches automatically. The initial installation and configuration are the same for both Active Directory and LDAP directories. The additional configuration needed for LDAP directories is covered in the next chapter.

1. Log on to the Centrify Cloud Manager at https://cloud.centrify.com/manage
2. Click on Settings
3. Click on Cloud Connectors
4. Click on Add Cloud Connector

5. Click on Download 64 bit to download the Cloud Connector application installer to your local hard drive
   - For integrating Active Directory with the Centrify Cloud Service, the Cloud Connector must be installed on a domain-joined Windows system
   - For integrating an LDAP directory with the Centrify Cloud Service, the Cloud Connector must be installed on a Windows system that can communicate with the LDAP directory
6. Using Windows Explorer, locate the downloaded file and extract its contents onto the system where you want to install the Cloud Connector
7. Double-click the Cloud-Mgmt-Suite-xx.x-win64.exe installer

8. Click on Next
9. Check "I accept the terms in the license agreement" and click on Next
10. Follow the wizard instructions and click on Install
11. Once the installer finishes, the Cloud Connector configuration dialog will open automatically
12. To start the configuration, click on Next

13. Enter your tenant administrative username and password

    NOTE: Your role must have the Register Cloud Connectors administrative right to download the Centrify Cloud Management Suite package and register the Cloud Connector

14. Optionally, you can configure a web proxy for connection to the Centrify Cloud Service
15. Click on Next

16. The Cloud Connector will validate the configuration and test the connection to the Centrify Cloud Service. Upon successful completion of the tests, the Cloud Connector will connect to the Cloud Service and start the Cloud Connector services.
17. Click on Finish

18. Within the Centrify Admin Portal, go to Settings > Cloud Connectors to confirm successful connection to your Cloud Connector
19. This is all the configuration needed to enable users to authenticate using their domain credentials against on-premises Active Directory

Enabling LDAP directory authentication

1. Within the Centrify Admin Console, go to Settings > Directory Services
2. Click on Add LDAP Directory

3. Fill out all the fields in the Add LDAP dialog and click on Test Connection

   For example, for an LDAP directory for the company centrifydemo.us, with an admin user in a container for Users under the root, the configuration would be:

   Base DN: DC=centrifydemo,DC=us
   Bind DN: CN=admin,CN=Users,DC=centrifydemo,DC=us

   This is just an example; the LDAP prefix depends on the LDAP server schema configuration.

4. Under Roles, you can now select which User Directory to add users from when adding them to a Role for authentication and authorization
5. Go to Roles, double-click an existing Role (or add a new Role), then go to Members > Add Members
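
The Base DN and Bind DN from step 3 can be sanity-checked before they are entered in the Add LDAP dialog. The following Python example is added here and is not part of the Centrify guide or product: the function names are hypothetical, values are compared case-insensitively as an assumption, and a Bind DN outside the Base DN is only reported, since a bind account may legitimately live elsewhere.

```python
# Added example: check that two LDAP DNs are well-formed and related.
# Function names are hypothetical; they are not Centrify APIs.

def split_rdns(dn):
    """Split a DN on commas, leaving backslash-escaped commas inside values."""
    parts, current, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            current.append(dn[i:i + 2])      # keep the escape pair intact
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(current))
            current = []
        else:
            current.append(dn[i])
        i += 1
    parts.append("".join(current))
    return parts

def parse_dn(dn):
    """Return [(ATTRIBUTE, value), ...], most specific component first."""
    rdns = []
    for rdn in split_rdns(dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {rdn!r}")
        # Whitespace after a comma is trimmed; case is ignored (assumption).
        rdns.append((attr.strip().upper(), value.strip().lower()))
    return rdns

def is_under(bind_dn, base_dn):
    """True when bind_dn lies inside the subtree rooted at base_dn."""
    bind, base = parse_dn(bind_dn), parse_dn(base_dn)
    return len(bind) > len(base) and bind[-len(base):] == base

def dns_domain(base_dn):
    """Join the DC components of a DN into a DNS-style domain name."""
    return ".".join(v for a, v in parse_dn(base_dn) if a == "DC")

BASE_DN = "DC=centrifydemo,DC=us"                    # value from the guide
BIND_DN = "CN=admin,CN=Users,DC=centrifydemo,DC=us"  # value from the guide

if __name__ == "__main__":
    print("bind account under base:", is_under(BIND_DN, BASE_DN))
    print("directory domain:", dns_domain(BASE_DN))
```

Multi-valued RDNs joined with "+" are not split by this check.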

High Availability (HA) setup

To enable High Availability, install the Centrify Cloud Connector on more than one Windows system within your environment. The Centrify Cloud Service will automatically load balance user authentication requests and AppGateway connections to on-premises apps between the available Cloud Connectors.

- For Active Directory environments, each system on which the Cloud Connector is installed must be a domain-joined system
- For an LDAP directory, each system on which the Cloud Connector is installed must be able to communicate with the LDAP directory
- A single Cloud Connector can serve as AD Proxy, LDAP Proxy and AppGateway simultaneously
- A single Cloud Connector can support one Active Directory domain, or multiple forests if a trust relationship between the forests exists
- A single Cloud Connector can support multiple LDAP directories; there is no limit on the number of LDAP directories supported

Conclusion

The Centrify Cloud Connector runs on a host computer in your environment and manages communications between Active Directory and/or LDAP directory and the Centrify Identity Platform. It specifies groups whose members can enroll devices and a group whose members can manage devices. It also monitors Active Directory for group policy changes, which it sends to the Centrify Identity Platform to update enrolled devices.

The Cloud Connector configuration application allows you to complete the initial configuration, if necessary, to make changes, and to configure additional features such as logging and sending alerts that are set to default values during initial configuration. You can also run this application to monitor the status of your Cloud Connector.

The identity platform uses all of the available Cloud Connectors configured for a service. Each server has its own Cloud Connector configuration program that you launch on the computer hosting the Cloud Connector. However, when you make a change to any of the Cloud Connectors in an installation (that is, servers registered to the same customer ID), the changes are propagated to all the servers in the installation to ensure that they are all in sync. The Centrify Cloud Connector Configuration Program is installed on any computer where a Cloud Connector is installed.

Contact Centrify

Centrify strengthens enterprise security by managing and securing user identities from cyber threats. As organizations expand IT resources and teams beyond their premises, identity is becoming the new security perimeter. With our platform of integrated software and cloud-based services, Centrify uniquely secures and unifies identity for both privileged and end users across today's hybrid IT world of cloud, mobile and data center. The result is stronger security and compliance, improved business agility and enhanced user productivity through single sign-on. Over 5000 customers, including half of the Fortune 50 and over 80 federal agencies, leverage Centrify to secure their identity management. Learn more at www.centrify.com.

Santa Clara, California: +1 (669) 444-5200
EMEA: +44 (0) 1344 317950
Asia Pacific: +61 1300 795 789
Brazil: +55 11 3958 4876
Latin America: +1 305 900 5354
Email: sales@centrify.com
Web: www.centrify.com