I mean that you
- Connect to the Windows Server(s) running the Centrify Connector service (locally or via RDP).
- Search for "Centrify Connector Configuration" and review this part:
- If the output is
a) Started and succesful connectivity: review and make sure that there is an SCP for that connector in Active Directory. There are no firewall rules affecting the system from reaching the service.
- Connectivity requirements: https://docs.centrify.com/en/centrify/adminref/index.html#page/cloudhelp%2Fcloud-admin-install-requirements-firewall.html%23wwconnect_header
b) Stopped: start it. Make sure all looks fine on the tenant side.
b) Started and Failed to connect: try to restart and troubleshoot why it's failing the connection. You can use the connection troubleshooter.
Notes:
- Nobody from the Express community will ever ask to connect to your servers. If you are a commercial customer, you can work with support. If you are an express customer, please make sure you troubleshoot this based on your knowledge.
- Obviously, this reactive approach is not the right thing to do. The connector service is too important based on what your design goals are. You can use monitoring scripts or SIEM integrations to make sure the Connector Service is always available by way of alerts, auto or manual remediation. Like any other infrastructure, this is part of the day-by-day operations.
To monitor connector health you can:
- Use the sample provided on GitHub: https://github.com/centrify/Centrify.Samples.DotNet.ConnectorHealth
- Use
's guidance from this post: https://community.centrify.com/t5/TechBlog/How-to-monitor-your-Centrify-Connectors/ba-p/29247 - Leverage Reports:
