Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-11539: Centrify Only - Customer Branding Changes

23 February,19 at 12:05 AM

This article describes planned changes for Centrify products and services on February 23rd, 2019 and applies to Centrify-only customers (as distinct from Idaptive-only, or joint customers) who subscribe to the Centrify Privileged Access Service (PAS). The attached PDF file towards the end of this article can be used for end-user communications.

 

Overall Administrator Experience

As Centrify administrators, you can expect to see some minor cosmetic and functionality changes to the User Portal, Admin Portal, Centrify Browser Extension (CBE), and Centrify mobile application. Our overriding goal is to improve your experience and productivity by providing you with a unified experience -- all PAM-related functionality now being in one convenient place, making your life easier.

User Portal

Access and management of all your resources is now handled via a unified interface to help streamline your workflow. As such, there is no distinct User Portal nor a corresponding Switch to User Portal option in the unified user interface. The default User Portal URL of the form: aap1234.my-test.acme.com/my will no longer function.

All user functionality will now be through a unified Admin Portal as described below, with a PAS-relevant subset of User Portal capabilities migrated here for convenience. Likewise, all relevant notification banners will now appear in the unified Admin Portal.
 

Unified Admin Portal

General

The default portal URL of the form: aap1234.my-test.acme.com/manage will now default to the form: aap1234.my-test.acme.com/home.

User-added image

Previously, customers were able to give certain admins the ability to remotely log into servers but without login rights to the Admin Portal. This was achieved via login to the User Portal. For backward compatibility, these users may now be granted a minimal set of rights to log into the unified portal with limited access to the Workspace, User Preferences and Profile (see below for details). 

Users will see a new Centrify Privileged Access Service splash screen with links to a product Overview and a download link for the Centrify Connector.

User-added image

Menu Navigation

Users will now see a simplified menu layout to improve your navigation, one that makes more sense given Centrify’s exclusive focus on PAS.


Some menu items such as Endpoints have been removed and other menu items renamed and/or recategorized. The images below show the before and after top-level menu items and as you can see, more common items are now conveniently located at the top level.
 
Pre-February 23rd Menu ItemsPost February 23rd Menu Items
User-added imageUser-added image
 

The table below summarizes the major changes:
Pre-February 23rd Menu ItemsPost February 23rd Menu Items
DashboardsDashboards
Core Services
 
Replaced with a new Access menu item
Core Services -> Reports is now its own top-level menu item
AppsApps
Apps -> Mobile Apps removed
Apps -> Web Apps now contains a reduced set of apps tailored to administrative use vs. end-user. Prior apps configured in User Portal are retained
EndpointsRemoved
InfrastructureReplaced with new Resources menu item
Infrastructure -> Discovery item is now its own top-level menu item
Infrastructure -> Workspace is now its own top-level menu item
DownloadsDownloads
Downloads -> Mac agent removed
Downloads -> Mac Tools removed
SettingsSettings
Settings -> Customization is now Settings -> General
Settings -> Endpoints is removed
Settings -> Authentication -> FIDO U2F Security Keys moved to Access
Settings -> Authentication -> OATH Tokens moved to Access
Settings -> Authentication -> Derived Credentials is removed
Settings -> Network -> SafeNet KeySecure Configuration moved to Settings -> Resources
Settings -> Users -> Social Login removed
Settings -> Users -> Inbound Provisioning removed
Settings -> Users -> Outbound Provisioning removed
Settings -> Users -> Administrative Accounts is now accessed under Resources -> Domains
Settings -> Resources is a new menu item
Settings -> Enrollment is a new menu item

Web Apps

User-added imageThe Web apps for Centrify will no longer support the Apps and End Point centric apps in the catalog.

If you have previously configured Web Apps in the User Portal, for your convenience those same applications will be automatically migrated to the Apps -> Web Apps screen of the unified portal along with their configured permissions.

 
These applications can be launched via the Actions menu (or workflow-based Request to launch, if configured via the application’s Workflow tab) and will continue to function.  Once deleted, these web apps if not available in the Centrify catalog , can no longer be added back.


Security, Devices, and Activity

User-added imageAccess to your Security settings (password change, security questions, passcodes), Devices, and Activity data can now be found in the new Profile option under your account name.
 
 
This is also where you will add 2nd factors for multi-factor authentication (MFA), such as an OATH OTP Client

User-added image

 

Workspace

 

User-added image

 
The Workspace tab has a new widget called My System Accounts. Any local accounts (e.g., root on Linux) with a new Workspace Login permission box checked on it will be listed here

User-added image

 

This is a convenience to customers who previously deployed System Accounts to users who only had User Portal access for remote login to servers.

Note that the Workspace Login permission replaces the legacy Portal Login permission.

Centrify Browser Extension (CBE)

The Centrify Browser Extension will be updated to the new Centrify Browser extension and will no longer have the following Application services functionality
  • Land and Catch
  • Form fill
  • App capture for the FireFox extension
CBE updates were previously notified and actionable only in the User Portal. Relevant notifications are now sent to the Apps -> Web Apps screen of the Admin Portal. This banner will show up when a new release of the CBE is available.

User-added image

Any new install of the CBE after February 23rd will receive the new Centrify Browser extension.
 

On-Premises Privileged Access Service

During upgrade, Centrify customers who have licensed the on-premises (customer-managed) version of the PAS will need to set an Advanced Configuration option to disable all the legacy portal features including access to the User Portal.

This new Advanced Configuration key is called EnableNewCentrifyExperience. If the logged-in admin user sets this key to True, the Apps and Endpoints entitlement will be removed, the page reloaded, and the user will experience the new Centrify Admin Portal. THIS IS THE RECOMMENDED SETTING FOR ALL CENTRIFY-ONLY CUSTOMERS

If the key is not set, deleted, or set to False, the Apps and Endpoints entitlement will be added, the page reloaded, and the user will experience the legacy portal. However, please note that in the upcoming 19.2 release, the EnableNewCentrifyExperience setting will be forced.

Mobile Applications

User-added image
If your mobile app was set to auto-update, you may find that it has already updated, but to a new Idaptive-branded User-added image app. 

 
iOS Device users:
The new Centrify-branded iOS mobile app will be available at a later time after 2/23.  Centrify will notify customers when the latest Centrify iOS mobile app is available.  Till then, you should continue to use the Idaptive-branded mobile app.  Idaptive-branded mobile app functions exactly the same as previous version of Centrify.
 

Android Device users:
As a Centrify only customer, you should uninstall this app and install the latest CentrifyUser-added image  mobile app from the App Store. Your mobile device must then be re-enrolled with your production tenant. This mobile app enrollment process is unchanged other than a few Profile enrollment steps no longer being necessary.
              
The overall mobile app experience is unchanged other than the Apps section being removed. You can checkout passwords from the Systems tab, use Centrify’s built-in authenticator from the Mobile Authenticator tab, and access 3rd-party passcodes from the Passcodes tab.

Centrify Cloud Agent for Windows

In release 19.3, a new Centrify Windows Agent will be available from the Admin Portal (downloads). This cloud based agent can be used for MFA for servers and brokered authentication. For privilege elevation and auditing please install the Windows agent , from our download center: https://centrify.force.com/support/CentrifyDownload.
 

 
Attachments:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.