Ryan,
thank you for your reply.
My group is scope is 'global' ans type is 'security'. It should not be affected by that change.
Any other idea?
↧
Re: AD group is not synced to O365
↧
Re: Not able to login to my unix machine via AD id
My personal preference is not to use Deployment Manager and use tools like Chef or Puppet for Centrify client deployment. This eliminates unnecesary components or complexity.
Some final observations:
"when I installed agnet via DirectManager console then why it was not added to domain only on this server and how it was added to other server and I did not get any error during deployment steps"
That's because when you do step 4, you have to specify the checkbox "join active directory" in the wizard and provide an AD account.
[root@m2 ~]# /etc/init.d/centrifyd
centrifyda centrifydc
I noticed that you deployed our Audit client. You have to remove it since this capability requires Enterprise Edition.
Remove with yum or rpm. This added unnecessary configurations to your system.
R.P
↧
↧
Re: Not able to login to my unix machine via AD id
Thanks a lot for your kind words and feedback.
Can you please give me complete command to remove audit with yum.
Thanks in advance.
↧
Re: Not able to login to my unix machine via AD id
If using yum
$ sudo yum erase CentrifyDA
If using RPM
- Search the CentrifyDA RPM pacakge name
$ sudo rpm -qa | grep CentrifyDA
CentrifyDA-3.4.0-204.x86_64 - Erase the package
$ sudo rpm -e CentrifyDA-3.4.0-204.x86_64
R.P
↧
Constantly Asking for CAC Pin
I am currently trying to bring a new apple product to our DOD Network. When i installed centrify express for CAC authentication, everything seemed to work great, it could see the CAC and everything. The seond I try to go to my secure email, it goes to the website, but it constantly like very second asks for my PIN number. Its not caching my pin, so about every second i get a prompt to type my pin, and it is very hard to get anywork done. any suggestions?
↧
↧
Re: macOS Sierra 10.12.2 DOD CAC Access Issues
Hi dciciora,
Could you send the diagnostic to my email address:
albert.chu@centrify.com
Thank you!
Regards,
Albert
↧
Re: Constantly Asking for CAC Pin
Hi
Welcome to Centrify community!
According to your description, the PIN is able to log you into the Mac for authentication which is great. However, it deson't seem to be able to accept your PIN / certificate for secure websites.
With that being said, I suspect the issue is on the certificate itself. As there are many purpose a certificate have, Server authentication, client authentication, secure email, etc. This can be configure when you are creating the certificate template for the Smartcard.
Since the PIN is able to log you into the Mac for authentication, therefore this proves the PIN is correct, and the certificate has Server authentication setup within. However, it's denying the PIN from logging into the website, therefore I believe this could be due to the missing config of the certificate on the smartcard.
To verify that, try to update the Smartcard with a different certificate and see if you are able to login to the secure mail. If not, please help to capture the diagnostic report for us with the following steps:
1. Open up Smart Card Assistant
2. Go to Diagnostics
3. Click "Run" and it will require to input the PIN
4. Once finished running, please click "Save to Desktop" to save the diagnostic
Please upload the file or paste the diagnostics to this post. Thanks!
Regards,
Ivan
↧
Re: Problems with Enterprise Email https://web.mail.mil
Aloha,
I'm in the US Army Reserves and currently having issue accessing my AKO Webmail with the following results...need assistance.
Your session could not be established.
The session reference number: d3184e27
Access was denied by the access policy. This may be due to a failure to meet access policy requirements.
If you are an administrator, please go to Access Policy >> Reports : All Sessions page and look up the session reference number displayed above.
To open a new session, please click here.
↧
Re: Problems with Enterprise Email https://web.mail.mil
Hi JJ66395,
Welcome to Centrify.
From the information given above, it sounds like the issue is on the server itself as the access was rejected by the server. As Centrify is helping to present the credential inside the smartcard and the access control will be on the server end. You might need to contact the administrator of the server with session reference number to help to resovle this issue. Hope this helps. Thanks!
Best Regards,
Albert
↧
↧
Active Directory Aliases not syncing to Office 365 via Centrify
Hi,
Hoping you guys can help, The problem seems to be Office 365 is not picking up aliases that are added in Active Directory > Proxy Attributes.
The main domain, @maindomain.com for example, this is fine and is added in 365, and the main SMTP:firstname.lastname@maindomain.com is syncing.
All aliases have stopped - Any ideas why?
They are all still in the proxy attributes section in AD, I've tried removing one and re-adding then forcing a Centrify sync via the user outbound provisioning in Centrify, but they are still not going through.
The old domain (as the aliases are for the companies old domain) is added in 365 and showing as no problems, yet some users have 9-10 email aliases and none are showing in office 365 yet all show in AD > Proxy attributes
Any ideas? Any help would be hugely appreciated.
Thanks you
Aaron
↧
Re: Active Directory Aliases not syncing to Office 365 via Centrify
Hi
You should have received a response from support team in a support ticket.
Please make sure you select the option "Enable Hybrid Exchange Support" for proxyaddresses to sync to Office 365.
Thanks,
Henry
↧
Re: Active Directory Aliases not syncing to Office 365 via Centrify
Thanks Henry, that's sorted it!
↧
Re: Invalid Profile
Hi
By googling the error message, that appears to be a common Apple issue.
Couple of suggestion are to check the iOS console (see KB below) or check if there is any conflict MDM profile already installed on the device (Systems > General > Device Management):
https://centrify.force.com/support/Article/KB-4992-How-to-collect-console-logs-for-iOS-devices
Thank you.
Best Regards,
Henry
↧
↧
Re: Invalid Profile
Thanks for the reply!
The devices are brand new, out of the box. Now this morning, I put in my credentials on device boot, and nothing happens. No error, just nothing.
So I do not even have the Centrify Mobile App installed, to adjust log settings.
I googled the error, but I didn't find anything anywhere about this.
The devices are brand new, out of the box. Now this morning, I put in my credentials on device boot, and nothing happens. No error, just nothing.
So I do not even have the Centrify Mobile App installed, to adjust log settings.
I googled the error, but I didn't find anything anywhere about this.
↧
adbindproxy and centrify express
Hello
Just wondering if I am using Centrify Express will adbindproxy work? or does adbindproxy only work with Centrify suite?
Thanks, Abdul
↧
Re: Active Directory Aliases not syncing to Office 365 via Centrify
Glad to hear the hybrid option was able to sync the desired attributes. We have a ton of documentation around Office 365 configuration in our online help but you might find the below checklist summary handy to quickly verify your current setup and to have on hand for general reference.
KB-6028: Getting Started with Office 365 and the Centrify Identity Service - Configuration Overview is available from our Customer Portal along with other getting started and configuration guides. The article also includes a troubleshooting section and flowchart to quickly identify issues and resolution steps.
The guide is split into easy to follow steps with help links for each configuration step. Just wanted to mention in case other Community users experienced a similar situation. Feel free to leave any document feedback here in the Community and thanks again for posting your question!
-Tony
↧
Re: adbindproxy and centrify express
Welcome back to the Express forums.
Yes, it should work.
R.P
↧
↧
Re: adbindproxy and centrify express
thanks R.P
the reason I was asking is that I have followed this document exactly step by step but when I try to access the sama-test that is automatically created I get an error stating I do not have the permission to this folder
http://community.centrify.com/t5/TechBlog/Server-Suite-2016-Samba-with-adbindproxy/ba-p/24052
I am running version 5.4
↧
Re: Invalid Profile
I figured it out. I had to configure the Cloud manager APNS certificate. Once I did that within Centrify settings, the profiles loaded on the iPhones.
↧
Re: Invalid Profile
Kudos for helping the community by updating the post with the correct answer to the issue!
↧