11 April,19 at 11:50 AM
New Features - Centrify Identity Service
3rd Party RADIUS (e.g., RSA SecurID) Support
Accept MFA responses from 3rd party solutions through RADIUS.
Settings > Authentication > RADIUS Connections > Servers
Settings > Authentication > Authentication Profiles
Settings > Network > Cloud Connector > Enable RADIUS Client
Policies > User Security Policies > RADIUS
Dashboard Updates
Dashboard UI has been refreshed with the following enhancements:
Black / White Options
Click on the ellipsis icon (…) for menu to set a dashboard as the default
New Dashboards: Security Overview
UI Enhancements
Additional UI Enhancements include:
About Menu > Pod Information
Infinite Apps Refresh
Cloud Connector Page Design Refresh
Smart Card Support for Office 365 Thick Clients
Smart Card authentication is now extended to thick clients for Office 365!
Derived Credentials UI Improvements
Gmail is now the default email app in Android for Work
In addition, the following apps have been removed from the app catalog: Veer, Unison
New Features - Centrify Privilege Service
On-site Deployment Option
CPS now has two deployment options:
Deprecating the Centrify CLI Toolkit
The CLI Toolkit will be removed from CPS entirely in release 16.10. Similar functionality to that in the CLI Toolkit will be available in the new command-line tools in the Centrify Cloud Agent in CPS release 16.10. Centrify will end support for the CLI Toolkit in CPS release 16.12.
Changes to CLI commands in the Centrify Cloud Agent:
Supported Platforms
The following platforms are supported by the Centrify Privilege Service (CPS) CLI toolkit:
Red Hat 6.7, 7.1, 7.2
CentOS 6.7, 7.2
Oracle 6.7, 7.2
Fedora 24
SLES 11 SP3, 12
Ubuntu 12.04LTS, 14.04LTS, 16.04LTS
Notes:
The Centrify CLI Toolkit is deprecated in release 16.8, and will be removed from CPS entirely in release 16.10. Similar functionality to that in the CLI Toolkit will be available in the new command-line tools in the Centrify Cloud Agent in CPS release 16.10. This functionality includes the application-to-application password management (AAPM) feature set.
End of life for support of the CLI Toolkit
Centrify will end support for the CLI Toolkit in CPS release 16.12, targeted for December, 2017. In addition, because of updates to Kerberos, Centrify Server Suite will support only the new Centrify Cloud Agent feature set as of Server Suite 2017.
Centrify strongly recommends that customers use the new Centrify Cloud Agent feature set beginning with CPS version 16.10.
Changes to CLI Commands in the Centrify Cloud Agent
A new service account will be used to join a computer to the customer’s Centrify cloud tenant. The "service account" will be a cloud user account with a name like
{hostname}$@{tenant.alias}.
The Kerberos-based join (aka -k option, with the Centrify Server Suite DirectControl agent) will be dropped.
There will be no requirement for the computer to be joined to an Active Directory domain in order to use the new cloud agent.
Platform changes
Support for the Fedora platform will be dropped in 16.10. The matrix below lists the platforms that will be supported by the Centrify Cloud Agent in release 16.10 for AAPM, and for user authentication from either a cloud user account or a user account from an Active Directory instance connected to the customer's Centrify cloud tenant.
Platform |
AAPM |
Login |
RHEL |
Y |
Y |
CentOS |
Y |
|
Oracle |
Y |
|
Fedora |
|
|
AMI |
Y |
Y |
SLES |
Y |
|
Ubuntu |
Y |
|
Resolved Issues and Behavior Changes
The following list records issues resolved in this release and behavior changes.
For security advisories and known issues, please see attached file.
Note: To receive release notes prior to the monthly product update, subscribe to the Centrify Cloud Highlights and Release Notes Tech Blog. This release information is posted in advance of the release date. Please check back at release time for updates.