Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

Centrify 18.1 Release Notes

11 April,19 at 11:50 AM

New Features - Centrify Application Services (formerly known as Identity Services)


Multiple Security Questions


  • Administrator can set policy enabling users to provide a bank of security questions
    • Questions can be both Admin-Defined and User-Defined
    • Administrator can set policy for minimum character length
  • Number of security questions user must answer can now be defined under Authentication Profiles 
  • User is prompted to setup security questions in User Portal
  • MFA using security questions will randomly select a security question from the bank of questions

multiple security.gif


Simplified SAML Configuration


  • SAML app templates have been improved

    • Clearly break out setup of the Trust Relationship
      • New “Trust” tab as been added
    • Simplified ability to configure the SAML Response
      • New “SAML Response” tab, featuring:
        • An Attribute Mapping Widget
        • A Script Editor for custom logic




Create Groups via Role Mapping


  • For apps that support provisioning, administrators can now create Groups in the app based on Roles in our platform

    • Groups can be automatically created in target app

 role mapping.png



    New Features - Centrify Endpoint Services


    End-user Checkout for Mac LAPM Account


    • Policy allows end user LAPM checkout

      • End-user checkout is not allowed by default
      • If enabled, checkout is available for enrolled users only
      • Checkout is done through the user portal
      • Checkout from mobile device will be coming soon in future release




    Install only iPad compliant apps on iPads


    iOS Apps will only be deployed to compliant devices

    • Based on the devices supported as identified by the app developer
    • If an app is not supported on an iPhone or iPad, it will not deployed and will not show up in the Company Apps catalog



    The following apps have been added to the catalog:

    • 6sense (SAML)

    The following apps have been updated:

    • Amazon Web Services (User/Password)
    • Highfive (SAML)
    • JIRA Cloud (SAML)
    • G Suite (SAML+Provisioning)


    New Features - Centrify Infrastructure Services (formerly known as Privilege Service)



    Discovery of IIS Application Pool Identity


    • This feature enhances the existing AD-based Discovery introduced in 17.10

      • Discovery filters have added IIS Application Pool identities in addition Scheduled Tasks, Windows Services
      • Same rules apply.  IIS Application Pools will be discovered as long as they are using a domain or local identity




    Resolved Issues and Behavior Changes


    The following list records issues resolved in this release and behavior changes.


    • A new Active Directory permission has been added for Privilege Service called “Add Account”. This permission is required for administrators that add managed or unmanaged Active Directory account passwords into Privilege Service. Existing users (even if they have the Privilege Service Administrator entitlement) will not be able to add Active Directory accounts until they explicitly add the permission under the target domain’s permissions tab.
    • Search for apps in the User or Admin portals now uses “contains” style searching rather than “begins with”. Search will match a string as long as that string is contained within the app name (CC-54222).
    • The SSO status of the device now shows correctly in the User Portal device details page (CC-36580).
    • In-house iOS apps are now only shown in the Company Apps store on a device if they are compatible with the device. Universal apps are shown for all device types, but iPad apps are not shown for iPhones and vice versa (CC-33856).
    • It is now possible to add users to roles, or invite users, by searching by first name or last name (CC-44032).
    • Support has been added for OpenID Connect apps that do not support https. http URIs are now supported (CC-53010).
    • Fingerprint authentication now works on Android devices after the device resume from the lock screen (CC-53006).
    • The SharePoint Server app now allows external users to access via the App Gateway (CC-53369).
    • The SharePoint OnPrem app now supports linked apps (CC-52744).
    • The serial number for Centrify-provisioned derived credentials on Android devices is now shown. Previously they were only shown on iOS devices (CC-53665).
    • The location of iOS devices is now correctly updated periodically, as well as when a location change occurs, when the policy is enabled (CC-53466).



    For security advisories and known issues, please see attached file.


    Note: To receive release notes prior to the monthly product update, subscribe to the Centrify Cloud Highlights and Release Notes Tech Blog. This release information is posted in advance of the release date. Please check back at release time for updates.