It's that time again...we will be updating Identity Service to version 15.2 tomorrow morning (March 7th). The focus of this release was to improve upon performance and usability of certain key areas in the product. The complete list of features is available here; but, let me point out a few important ones:
UI and Usability Enhancements for Username / Password Apps:
We've made a few minor changes here that we feel will really improve end-user adoption and satisfaction with the product. Specifically, we've done the following:
- For apps using a shared username and password (e.g. a corporate Twitter account), we now show an icon indicating that the app is a shared account. This is particularly useful when employees use both personal and corporate credentials for the same app (e.g. in the case of Twitter, someone in Marketing may tweet on behalf of his/her company, and may also have a personal account).
- We have consolidated the Settings UI for apps to include both the "User Identity" for the app, and the "Tags" that the user has assigned to that app for filtering in the User Portal.
- For personal apps (apps not using a shared password), we've added support to show the password (by clicking the "eye" icon), and / or copy the password to the clipboard (by clicking the "copy" icon).
Improved Management of Cloud Connectors:
As you may know, the Cloud Connector is an optional component to our service that enables secure communication between resources on your company network and the Centrify Identity Service. Today, the Cloud Connector serves two purposes:
- AD Proxy (so users can get SSO using domain credentials without storing those credentials in the cloud),
- App Gateway (vpn-less, secure access to on-prem web apps). NOTE: in case you missed it, the App Gateway is now generally available in the App+ Edition of Identity Service. Contact your account team to learn more.
Our goal from a product perspective is to solve complex problems in a simple and elegant way for end-users and system administrators alike. To that end, we've simplified the management and configuration of the Cloud Connectors for our customers who are using Centrify Identity Service for MDM. When using the product for MDM, the administrator must choose where they want to manage mobile device policy: (i) using Active Directory Group Policy, or (ii) using our Cloud Policy Service. With earlier versions of our product, when running in AD-GP mode, the Cloud Connector UI included a "Mobile Settings" tab for configuring and managing polling intervals, certificate authorities and for mapping groups to containers (OUs) where the device objects would be stored in AD. While this is great functionality, it can be difficult to manage in large deployments with multiple Cloud Connectors. With 15.2 we've removed the Mobile Settings tab from the Cloud Connector itself and moved those settings to Cloud Manager here:
- You can now set the polling interval and the CA under Settings > Device Policy Management
- You can now specify the container for device management under Policies > Mobile Device Policies > Device Enrollment Settings> Organizational Unit
For existing customers who have been using MDM in AD-GP mode, when your Cloud Connectors get upgraded to 15.2, we will automatically migrate polices over from the Cloud Connector to the Cloud for each OU mapping that you have created.
We will be continuing this migration effort over the coming releases as our goal is to completely manage the Cloud Connectors from the Cloud. The migration of the mobile settings (and not introducing any configuration components for the App Gateway) was the first step in that direction.
We hope you enjoy these new features and look forward to hearing your feedback!