After installation, we will show the following "Centrify Agent Configuration" window instead of the old configuration wizard:
In this window, we simply show a "Add service" button, with description to explain for different Centrify services and features.
Enabled services section will be empty for the first time.
When "Add service" button is clicked, we will search for available services (Centrify Identity Services Platform, Centrify Privilege Elevation Service, Centrify Auditing and Monitoring Service) and list it in next dialog. We will also verify (via reg) whether DZ/DA agent is installed on local machine and disable related services:
This will list all the available services which can be enabled on this client, with a list of features that will be available after a certain service is enabled.
Users can simply click on one service and it will bring another dialog to input the service entry.
There are 3 different services for now:
Centrify Privilege Elevation Service
Users can type in the zone name (short or full) and it will also load all available zones into the list. Once a zone is specified, click on Next button to join to the zone, a general progress page will be shown with summary/error on finish. It will require reboot once finished to activate the Access features.
If a zone is already configured with a tenant, it will detect and also show "Centrify Identity Services Platform" enabled after the zone is joined, but this Identity Services Platform will be managed by zone and shown as read-only.
Centrify Auditing and Monitoring Service
It will load all the available audit stores in current forest into the list. Users can select one and click on Next button to connect.
A general progress page will be shown with summary/error on finish.
Centrify Identity Services Platform
Users can type in the identity platform URL and it will also load regesitered platform instances in current forest into the drop-down box.
Once the URL is specified, click on Next button to enroll into the platform. It will show the same enrollment progress bar as we have now and once succeeded it will bring another dialog to ask for MFA login options:
This is the same settings dialog as we have now, by default all AD accounts are enabled for MFA login. Users can use Add/Remove buttons to add/remove users/groups accounts from standard AD object picker. Click on Next button to save the settings. Users can also close this dialog to ignore MFA login settings and set it later in control panel.
Once a service is enabled, it will be shown in the Enabled services section in the main page:
Users can click on "Add service" button to enable another service. After search, if there is no more service available, it will prompt info that all available services are currently enabled.
Enabled services are list with the data source name.
Users can click on each enabled service to modify the additional Settings or Remove the service.