Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

Centrify 17.5 and 17.5 Hotfix Release Notes

11 April,19 at 11:51 AM

New Features - Centrify Identity Service

 

New UI

 

Identity Service and Privilege Service admin portals have been merged.

 

New UI 1.gif

 

  • Vertical navigation to support more tabs
  • Cross-product capabilities now grouped under “Core Services”
    Screen Shot 2017-05-12 at 9.54.46 AM.png
  • Privilege Service specific capabilities grouped under “Infrastructure”
    Screen Shot 2017-05-12 at 9.55.06 AM.png
  • Grouped tabs can be collapsed
    new UI 2.1.gif
  • Tabs / Quick Start Wizard steps appear based on entitlement
  • Caching for better performance

User Portal has been refreshed.

 

new UI 3.gif 

 

Managed Device Policy

 

Easily limit access to Apps and Infrastructure to trusted devices (managed devices)

  • Now available as conditions in our rules builder:
    • Login Authentication Policy
    • App/Resource Policy
  • No longer requires a policy script

managed device policy 1.gif

 

Managed Device = device under management by Centrify (MDM), or a 3rd party (based on presence of a certificate).

 

Screen Shot 2017-05-12 at 9.58.47 AM.png

Screen Shot 2017-05-12 at 9.59.01 AM.png

  

Password Reset Confirmation Email

 

Improved security by sending email to user whenever password is changed:

  • Password Reset (login UI)
  • Password Change by User in the User Portal
  • Password Change by Admin via Set Password action in Admin Portal

password1.gif

 

Admin must enable at tenant level

  • Settings > Authentication > Security Settings
    Screen Shot 2017-05-12 at 10.00.19 AM.png

 

 

  

Local Admin Account Password Management for Mac

 

Unique admin password for each Mac

  • Vaulted in CPS
  • Rotated on schedule
  • Policy driven account creation
  • Policy to specify account name
    Screen Shot 2017-05-12 at 10.00.42 AM.png
  • Automatic take-over of existing account
  • “Checkout” for authorized admins
    check out.gif
  • Role must explicitly have the “Device Management All” right
    Screen Shot 2017-05-12 at 10.01.19 AM.png

 

 The following apps have been added to the catalog:

 

  • Provisioning support for Workplace by Facebook app
  • JIRA Cloud (SAML)

  

The following apps have been renamed:

  • Facebook at Work  -->       Workplace by Facebook
  • Adobe EchoSign     -->       Adobe Sign 

  

The following apps have been updated:

  • dobe Sign
  • Yahoo Mail
  • Igloo (app icon only)
  • AVG CloudCare
  • QuickBooks Online
  • EMC
  • Redhat Support (Customer Portal)

 

 

New Features - Centrify Privilege Service

 

AD Account Unlock

 

  • Provides administrator-assisted AD account unlock or automated unlock on CPS operations
  • Another use for the domain’s “Administrative Account”
  • A New Entitlement “Unlock account” at the domain level allows manual unlocks
  • Policy at the domain level allows for automatic unlocks on privilege session or password checkout

CPS AD.png

 

 

Manual Multiplex Account Password Rotation and Swap

 

  • Accelerates the ability to demonstrate password management for Services
  • Prior to 17.5, it was not possible to rotate the password of any of the 2 physical AD account that make multiplex account
  • The new behavior allows for the rotation of the account that is not in use
  • Admins can push the password and Privilege Service does the rest

 CPS Manual.png

 

New Features - Centrify Analytics Service

 

Download Default Dashboards

 

Select any number of default dashboards to export. Anyone can upload these dashboards into Analytics Service to customize the default dashboard.

 

analytics1.png

 

Analytics Service Usage Dashboard

 

This dashboard helps you understand who’s using the Analytics Portal and provides you it’s usage insights.

 

analytics2.png

 

 

Added Table View for Insights Widgets

 

Dashboard Widgets can now to toggled to display data in table view.

 

Analytics3.png

Resolved Issues and Behavior Changes

 

The following list records issues resolved in this release and behavior changes.

  

  • In addition to the new user experience in 17.5, numerous changes have been made to improve the responsiveness and performance. Two changes should be significantly faster:
    • When changing main navigation tabs that display grids, if the tab has been opened before in this session it should display very quickly the second and subsequent time it is accessed.
    • Search and sorting results on main navigation tabs that display grids is also cached, so repeating a search or sort a second time in a session will provide the results quickly.
  • Inbound provisioning with Workday now supports setting a date when the user should be created, with the default date of the user’s start date. Previously users were always created on the user’s start date (CC-45723).
  • A confirmation email can now be sent to a user after a successful password reset. This option is off by default, but can be enabled in Settings>Authentication>Security Settings (CC-46035).
  • Managed device status (i.e. is or isn’t a managed device) can now be used in auth rules for application access (CC-45765).
  • When disabled users are deleted in Active Directory they are now correctly deleted from Office 365 if the deprovisioning rule User Deleted in Active Directory > Delete Office 365 Object Account is set to cause it (CC-47436).
  • The reset password option is now present for Samsung devices that do not support Android for Work profiles (CC-47067).
  • IdP metadata now lists all supported NameID formats (CC-46853).
  • The link in the SMS invite for device enrollment for iOS devices now correctly directs users to the App Store to download the Centrify app (CC-46743).
  • When IWA is triggered a random Connector will now be chosen. Previously all but one of the Connectors could be chosen due to a math error, meaning that in forests with two Connectors, one was always being chosen (CC-46162).

     

For security advisories and known issues, please see attached file.

 

For 17.5 Hot Fix 1 security advisories and known issues, please see attached file.

 

Note: To receive release notes prior to the monthly product update, subscribe to the Centrify Cloud Highlights and Release Notes Tech Blog. This release information is posted in advance of the release date. Please check back at release time for updates.

Attachments:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.