This worked like a charm, albeit requires Centrify Cloud Connector restart to make the other forest visible in Invite Users page.
↧
Re: Adding users from other AD domain
↧
Re: SSO with xrdp
Hi robertson,
What you describe here is logging in with AD user using username and password. I have no problem with this. What I'm trying to do is to login with SSO and without typing the password, as I do with PUTTY.
The reason for the gray screen you get, is that your system is trying to launch LightDM, the default display manager of Ubuntu which is not compatible with Xrdp. You should start some other display manager either in the .Xclients in the user's home or in /etc/xrdp/startwm.sh .
Rafi
↧
↧
Re: SSO with xrdp
In that case you should know that everything that is required to achieve Kerberos SSO is in place due to Centrify integration (AD-optimized MIT Kerberos libraries, config files, keytabs, etc). Here are your challenges
a) The application (in this case XRDP and all its depenencies) have to be Kerberos-enabled
b) The Kerberos-enabled service (ServicePrincipalName or SPN) has to be registered under the computer's record in AD.
c) The client application (RDP client) has to be Kerberos-enabled too.
Good luck.
↧
Re: Support for centos 6.8?
I got the Centrify agent to install on a CentOS 6.8 machine as well, but it is much easier to manage this from the DirectManage Deployment Manager. Our group is in the process of updating all of our Linux machines to CentOS 6.8, when is the estimated date for the Suite 2017 release for "Official" support on CentOS 6.8?
↧
Re: Support for centos 6.8?
December/January timeframe
(software time)
↧
↧
Re: Issue with NFS Home Directory creation
I realize this thread is a few years old now, but I am having the same issue, but this statement isn't consistent.
Fel wrote:The Centrify daemon runs as root on each system. Therefore Centrify running as root on a system will not have the jurisdiction to create the home directory on the NFS server.
On CentOS 6.x and 7.x A new user logs in, the NFS home directory is mounted (with autofs) and the users home dir is created on the NFS share automatically. No permissions issue at all. However, on Ubuntu 16.04 LTS I am seeing the issue raised in this thread. Can you explain the different behavior on CentOS vs Ubuntu and how to fix it? All 3 are new installs, with nothing more than SSH, NFS, AUTOFS and Centrify client installed.
It seems that on CentOS is runs as root as expected and based on the way we have our NFS share created it is able to create home directories on the share. On Ubuntu it seems it isn't running with the same permissions (root).
↧
Re: Issue with NFS Home Directory creation
This is an old post that has already been solved. Please create a new one.
Please note that we will not be able to comment on the differences in the NFS implementation of one OS vendor vs. another.
Regards,
↧
Centrify Provides Day Zero Support for macOS Sierra
Centrify is pleased to continue its tradition of offering customers immediate support for the latest macOS operating system.
An updated version of the Centrify for Mac Agent is available today for the soon-to-be-released macOS Sierra.
Refer to the macOS Sierra Support Resources Page for everything you need to successfully implement Centrify for Mac with macOS 10.12.
↧
Re: Download links for Centrify Express?
not working, can't find the actual link
and i'm always being dragged back to enter my information\company information to download the express for linux (for some reason there are only windows links there)
↧
↧
Re: Express for Smart Card Download not working wit macOS 10.12
Hello,
I’m currently using macOS Sierra 10.12 with Express for Smart Card 5.3.3 (Smart Card Assistance) that I downloaded from this link: https://www.centrify.com/express/identity-service/smart-card-download-files/
I’m not sure why but this version is not working for me, I attempted to follow all the instructions from the website but some of it is a bit outdated.
My problem is that I'm attempting to access a website (Email Server) that requires certificate from my ID and the PIN number. After selecting the correct certificate and pin number I still get this same massage forever and I’m unable to login to the website.
Message Window: Enter PIN for: “com.apple.WebKit.Networkin”
I have access for this website and the correct pin, any ideas what is going on?
Please let me know if you need any additional information.
Thank you.
↧
UID/GID generation consistent across agents?
Hi,
I am looking into using Centrify Express for AD auth for a few CentOS and Ubuntu machines. I have read that Centrify uses an algorithm to generate UID/GID's from the SID in AD.
Does this algorithm generate the same results on different machines joined with Centrify Express? Some of my systems will rely on uid/gid being the same across systems so that mounts work as expected.
Will it behave like this?
Thanks!
Eddie
↧
Re: Express for Smart Card Download not working wit macOS 10.12
Hello
Can you tell us a bit more about your deployment? Were you using El Capitan and then upgraded to Sierra, or is this a new Sierra install? It may be likely that the reader you have needs a new driver to support MacOS 10.12.
Does the Smartcard display in the keychain? Have the necessary certs been added?
A good place to start is this thread, "[Read Me 1st] – Common OS X Smart Card troubleshooting steps" which links to the milirary provided site to help with general Smartcard issues, including updating your driver.
I hope this helps!
Have a great day!
Ryan V.
↧
Re: Download links for Centrify Express?
I have the same issue. Was wondering if there is a straightforward way for a Community Express member to download updated Express software without the redundancy of registration all over again.
Thanks
↧
↧
Re: UID/GID generation consistent across agents?
Welcome to the Centrify Express Forums.
The UID/GID generation will be the same across systems as long as they join the same AD domain.
Note that we also support other algorithms like Apple's.
R.P
↧
iOS Centrify Express users being prompted to put in "App Specific" passwords all of a sudden
We use Centrify Express for iOS, and push the settings for the Apple iOS Mail client to users as part of the AD settings. We use Google apps, and all of our users with 2-factor enabled, are having to re-enter their app-specific passwords today, to get access to their mail.
Is there anything that would have been pushed via Centrify that would cause this? How would I troubleshoot (what logs can I look at) that would tell me?
Maybe the 2-factor saved password expires after a while?
↧
Re: iOS Centrify Express users being prompted to put in "App Specific" passwords all of a
Hello GarlockPrinting!
Are the mail accounts from an Exchange profile? Was there a recent change to the device policy on your end or was the policy reapplied?
If so, have the end user enter their Exchange password and allow the device to synchronize.
Devices that are not configured to receive Exchange ActiveSync profiles will not experience this issue. Once the affected device completes mailbox synchronization, the issue should not appear again.
If you are still experiecing the issue, please provide more details on the type of mail account that is configured on the iOS device and if there were any recent changes made to the device policy.
Thank you for posting at the Community Portal! :)
Kindly,
Kequa
↧
App: Samanage 2016-09-26T15:21:34.0975613+00:00 Failed to create AppContext, this applicatio
Howdy all.
We use Centrify to manage SSO for one application, Samanage.
Lately my directory sync has been failing with:
Samanage:
No Authenticate Header
The full debug report on the server states:
App: Samanage
2016-09-26T15:21:34.0975613+00:00
Failed to create AppContext, this application will not be synchronized. Reason: No Authenticate Header
Thoughts?
THanks you in advance.
↧
↧
Unable to download free version onto chrome
I am trying to download free version of centrify and it gives me an error code... net::ERR_CONNECTION_REFUSED. Anyone, help.
↧
Re: App: Samanage 2016-09-26T15:21:34.0975613+00:00 Failed to create AppContext, this applic
Hello Fingers24!
Thank you for posting to the Community forum.
Can you provide your provisioning script details so that I can determine why the Authentication header cannot be found?
You can locate the provisioning script at Apps > Samanage > Provisioning > Provisioning script.
Kindly,
Kequa
↧
Re: Unable to download free version onto chrome
Hello Me63368!
Thank you for posting to the Community Forum!
Do you have a proxy server configured at your Internet Explorer browser?
If so, and if you are using a Windows system, go to the Control panel > Internet Options > Connections tab > LAN Settings > Proxy server and uncheck “Use a proxy server for your LAN".
This should resolve your issue with the download.
Kindly,
Kequa
↧
