Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

Centrify 19.1 Release Notes

11 April,19 at 11:51 AM

New Features - Centrify Privileged Access Service

Force rotation of account passwords

Security incidents may require an immediate update to all, or a selection of, an organization’s managed account passwords.

  • Enable PAS administrators to rotate managed account passwords on demand.
  • Select from Managed Accounts list
  • Starts password rotation job immediately
  • Email notification when job is complete
  • Activity and job history status of all password rotations
  • Independent of scheduled password rotation policy

19.1_PAS1.png

19.1_PAS2.png

 

Escrow encrypted password catalog

Secure, encrypted catalog for operational recovery of infrastructure supporting the solution.

In parallel with HA/DR, keep an optional daily backup of your passwords.

  • Encrypted file (CSV)
  • All account passwords
  • Intended for highly privileged administrators
  • OpenPGP key
  • Encrypted file e-mailed on a periodic daily schedule
  • Configured through the REST API

 

New Features - Idaptive Application and End Point Services

 Adaptive SSO, Adaptive MFA, Lifecycle, Mobile & Endpoint Security

  • Custom portal login banner: Customization feature to display custom pre-login message to the user logging into the Idaptive user portal.
  • Connector/Browser Extension Branding for Idaptive: Rebranding of existing Centrify Browser extension to Idaptive for all currently supported browsers.
  • ADFS 3.0 MFA Plugin available on Idaptive Github: MFA plugin for ADFS 3.0 available through Idaptive Github. https://github.com/idaptive/mfa-adfs-plugin
  • Partner Federation: Relay State support for SAML for auto-launch of apps without landing on the SP portal.
  • Better visibility into users by type: User count type by user, OAuth2, Computer, Service types.

 

Frictionless Trial and Onboarding

 

  • New Getting Started Wizard
  • Frictionless Trial: updated system emails

 

Resolved Issues and Behavior Changes

The following list records issues resolved in this release and behavior changes.

 

  • It is now possible for users who either logged into the portal before their password expired, or who use IWA or certificates to login, to change their password once it has expired (CC-64966, CC-65063).
  • Devices marked as personal can now successfully be imported to be corporate-owned (CC-64777).
  • Android for Work mobile app deployment and auto-install once again work as documented (CC-60982, CC-63610, CC-63684).
  • Reapply policy no longer removes bookmarks from the home screen on Android devices using Android 7 or earlier (CC-64498).
  • Options to unenroll a device are now not shown if the selected device was enrolled via device-owner mode (CC-63779, CC-63372).
  • In device-owner mode the delete command now wipes the selected device rather than unenrolling it (CC-63994).
  • Where Partner Management has been configured between an external IdP (i.e. one that is not Centrify) and the cloud service, and a user has IdP single-signed on to the cloud service via Partner Management, it is now possible to launch SAML apps without the User Portal being visible during the launch / sign-on (CC-64706).
  • Administrators now have the ability to assign a Windows machine to a user on the Endpoints page. A “Set User” command will be displayed if the Windows machine is not currently assigned to any user (CC-64748).
  • Administrators can now create a custom login banner for the User Portal. Banners can be created in plain text in multiple languages, and once configured will be shown to users on login until the button is clicked on the dialog. An event is logged when the user clicks the button (CC-64330, CC-64850).
  • Administrators and users can now choose a default view for apps, choosing between grid or grouped, large or small icons, with/without titles (CC-64471).
  • Privilege Access Service limited view users are no longer able to view database accounts if they do not have view permissions on the database (CC-64022).
  • Windows sessions being audited through the Privilege Access Service portal no longer show as disconnected in the audit analyzer (CC-64439).

 

The following apps have been updated:

  • PollEverywhere (User / Password)
  • LinkedIn (User / Password)

For security advisories and known issues, please see attached file

 

 

Note: To receive release notes prior to the monthly product update, subscribe to the Centrify Cloud Highlights and Release Notes Tech Blog. This release information is posted in advance of therelease date. Please check back at release time for updates.

Attachments:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.