Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

Centrify 17.1, 17.1 Hotfix 1 & Hotfix 2 Release Notes

11 April,19 at 11:51 AM

New Features - Centrify Identity Service

 

CBE Form-Fill 

 

This feature allows users to go directly to username / password app to login through Centrify without going to the User Portal.

 

Form-Fill now available for:

  • Firefox
  • IE
  • Chrome

User can enable/disable auto-login.

 

CBE form fill.gif  

 

Force finger print for Mobile Authenticator (Android)

 

This is a new policy to require finger print scan.

 

  • When using mobile authenticator MFA Method, a required finger print pop-up will appear 
  • Policy to allow or disallow PIN Fallback
  • iOS coming in the next release

 Forced Fingerprint.png

 

 

Remediation Actions for Unreachable Devices

 

If a device is unreachable for X days, the following actions are available to admins:

  • Admin Lock
  • Auto-Unenroll

unreachable devices.png 

 

 

3D Touch / App Shortcuts

 

Long press on the Centrify app icon will bring up:

  • Send MFA Code (Mobile Authenticator)
  • The last 2 apps used
  • Notifications area

 

This feature is available for Both for iOS and Android 7.1+.

 

3d touch.png 

 

 

New policy for Samsung KNOX – Force GPS

 

Admins can now force managed Samsung KNOX devices to have GPS enabled.  New policy is available here:

  • Policies > Mobile Device Policies > Samsung KNOX Device Settings > Restriction Settings

Samsung KNOX.png

 

 The following apps have been updated:

 

  • Windows Live
  • Skype
  • Yahoo Mail
  • eFax
  • Box
  • Lynda
  • My Adobe
  • Twitter
  • PollEverywhere
  • Juniper Pulse renamed to Pulse Secure

 

 

New Features - Centrify Privilege Service

 

Privilege Service On-Premises

 

  • Centrify Agent for Windows is bundled with Privilege Service on-premises
  • Accessible via Admin Portal > Downloads > Centrify Agents

CPS om prem.png 

 

Web Proxy Option - Centrify Agent for Linux 

 

In this version we introduce the -p (--http-proxy) option for the cenroll command to specify a web proxy for Centrify Agent for Linux enrollment operations.


Using this option will update the agent.web.proxy.global and agent.web.proxy.order parameters of the /etc/centrifycc/centrifycc.conf file (ref:CC-42880)

 

 

Resolved Issues and Behavior Changes

 

The following list records issues resolved in this release and behavior changes.

 

  • De-provisioning both a user and user’s manager at the same time in the NetSuite app now correctly de-provisions the user’s manager (CC-43569).
  • The Internet Explorer browser extension now loads pages where there is no document.defaultView object (CC-43553).
  • The Download Signing Certificate help tip now displays on IE in the WebEx SAML app (CC-42130).
  • Samsung KNOX UMC enrollment is now initiated with the Chrome browser on Samsung KNOX devices (CC-43323).
  • The IMEI is now displayed correctly for Android 6.0+ devices (CC-43164).
  • A device no longer shows as enrolled in the Admin Portal if enrollment was cancelled before completion (CC-43731).
  • The derived credential status no longer gets stuck at “pending” for devices running Android versions earlier than 7.0 (CC-43436).
  • Manager and Subsidiary field values are now sent to NetSuite (CC-42932).
  • Existing users are no longer overwritten by the Slack provisioning app if the option to keep existing users is checked (CC-42907).
  • All phone numbers (office, home, mobile) are now synched by the Slack provisioning app (CC-37056).
  • The Qmarkets provisioning app now supports the option to disable a user (CC-42967).
  • If a role is assigned as a workflow approver, the name of the role member that approved is now displayed after the approval has been given (CC-43221).
  • In the Google Apps for Work provisioning app, it is now possible to add a child Active Directory group for a synched Active Directory group (CC-39478).
  • Sync records for rejected user cases are no longer deleted by the Office 365 provisioning app (CC-43514).
  • All approvers on a Workflow request are now shown in the approval/rejection email to the affected user (CC-43171).
  • The Role “Add Members” dialog no longer pre-fills the list of all available users to improve UI performance (CC-43291).

 

For security advisories and known issues, please see attached file.

 

For 17.1 Hot Fix 1 security advisories and known issues, please see attached file.

 

For 17.1 Hot Fix 2 security advisories and known issues, please see attached file.

 

Note: To receive release notes prior to the monthly product update, subscribe to the Centrify Cloud Highlights and Release Notes Tech Blog. This release information is posted in advance of the release date. Please check back at release time for updates.

Attachments:
17.1-Release-Notes-Known-Issues.pdf
.pdf
.pdf

Related Articles

 articleCentrify 17.2 and 17.2 Hotfix 1 Release Notes articleCentrify 17.6 and 17.6 Hotfix Release Notes articleCentrify 17.5 and 17.5 Hotfix Release Notes articleCentrify 16.11 & 16.11 Hotfix 1 Release Notes articleCentrify 16.12 & 16.12 Hotfix 1 Release Notes articleCentrify 17.4 and 17.4 Hotfix Release Notes articleCentrify 18.10 Release Notes article17.1 Highlights: Form-Fill GA, and Mobile Enhancements articleKB-9413: Centrify Report Services in a TLS 1.2 Environment