Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

Centrify 21.6 Release Notes

18 September,21 at 01:36 AM

Updated 17 September 2021

New Features for Centrify Vault Suite



MFA Redirection

Expanding on our MFA everywhere best practice, this new release supports MFA redirection for additional authentication factors, allowing users to perform MFA on behalf of another user. An example use case is for system administrators with multiple accounts – a main low-privilege account for routine tasks such as email and web surfing, and additional “dash-a” or “alternate admin” accounts used for privileged tasks. Second factors need only be configured on the main account but will be applied when using any alternate admin accounts and an MFA policy is triggered.
 

Como habilitar autenticação multi-fator (MFA, 2FA) para Windows com Centrify

 

This feature is a huge step up in convenience and security, reducing 2nd-factor maintenance for admins. This capability also applied to apps using application accounts that require additional proof of legitimacy from a human, adding an extra layer of MFA assurance.
 

ServiceNow MID Server Plugin update

In addition, with this release, we continue to enhance our support for the popular enterprise platform, ServiceNow. Our MID Server integration now supports multiple credential types.
 

Notice of discontinuation

  • Self-hosted Privileged Access Service has been deprecated and is no longer updated with each release, the last release being 21.5. Customers using self-hosted Privileged Access Service should migrate to using Hyper-scalable Privilege Access Service.
     
  • As a performance improvement, the 'Rights' column from the Server and VaultAccount tables in reports will be eliminated in a future release. This column is expensive to calculate and not needed in most use cases of these tables. If you have existing custom reports that reference the 'Rights' column in the VaultAccount or Server tables, they will need to be updated to remove the column reference.  If not updated, custom reports that use this column will cease to function when the 'Rights’ columns are removed (CC-78591).

Changes in Hot Fix 1

  • Resolved an issue where performing step up authentication challenges with a user that had MFA redirect enabled would cause the challenge to fall into an infinite challenge loop (355167).
  • Fixed an issue where setting a redirected user and then changing to another user would occasionally revert to the original user.

Changes


The following list records issues resolved in this release and behavior changes.

 
  • Commas in DBPassword are now supported and no longer cause errors in sub scripts (CC-76357).
     
  • The license key is now checked on new installations in Hyper-scale Privileged Access Service (CC-78834).
     
  • Periodic updates to Connectors now only update the connector if something has actually changed (CC-78845).
     
  • It is now possible to retrieve an SSH key from a report (CC-77169).
     
  • When launching apps via the Gateway, an app will fail to launch with an unauthorized exception when blocked by policy (CC-78463).
     
  • Enabled native RDP and SSH services are now shown on a system’s Connector page for tenants on AWS pods (CC-78726).
     
  • Maps are now shown in appropriate v2 reports (CC-78808).
     
  • Sorting now works for v2 reports on AWS pods (CC-78809).
     
  • Resolved an issue where in some cases after the 21.5 back end upgrade the Reports tab was missing from the Portal (301523).
     
  • Improved performance when a system is deleted from the Privileged Access Service (300292).
 

Supported Platforms

Centrify Connector

  • Windows Server 2012r2, Server 2016, Server 2019

Self-hosted Centrify Privileged Access Service

  • Windows Server 2012r2, Server 2016, Server 2019

Hyper-scalable Centrify Privileged Access Service

  • Windows Server 2016, Server 2019

Centrify Clients for Linux

Client for Red Hat 6:
  • Red Hat Enterprise Linux 6.9, 6.10, 7.5, 7.6, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3
  • CentOS 6.9, 6.10, 7.5, 7.6, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3
  • Fedora 33, 34
  • Oracle Linux 6.9, 6.10, 7.5, 7.6, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3
  • Amazon Linux 2 Latest Version
     
Client for Red Hat 7 (ARM architecture):
  • 7.6, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3
     
Client for SUSE 12
  • SUSE 12 SP3+, 15

Client for Debian 9
  • Debian 9.0 – 9.13, 10.0 – 10.9
  • Ubuntu 18.04LTS, 20.04LTS, 21.04
     
Client for Alpine Linux 3
  • Alpine Linux 3.13
     
Client for CoreOS
  • Latest Version

Centrify Client for Microsoft Windows

  • Windows 10 LTSB/LTSC, Windows Server 2012r2, 2016, 2019 LTSC

Windows PAS Remote Access Kit

  • Windows 10, Server 2012r2, Server 2016, Server 2019

Centrify app for Android

  • Android 5 (API level 21) and later

Centrify app for iOS

  • iOS 12 and above


(Tested systems and devices for Privileged Access Service are listed in the documentation)