Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-4644: How to enable IWA login from off-site locations

App Access Service ,  

12 April,16 at 11:22 AM

Applies to: Centrify Identity Service with Internet Explorer

Question:

IWA login is working for computers that are on the company network. Users who are off-site will need to use a VPN in order for Internet Explorer to detect the domain and use IWA for them as well.

Is there a way to enable IWA for off-site users without the need for a VPN?


Answer:

Option 1:

Go to: Cloud Manager > Settings > Corporate IP Range

Enter the IP addresses of any external locations that users might be logging in from. IP addresses entered here will be considered part of the local intranet of the domain.

For more information, see:
- Configuring cloud service settings > Setting Corporate IP Ranges


Option 2:
 
Open Internet Options and add the Centrify login URL to the Local Intranet Security Zone (e.g. https://*.centrify.com).
This will cause Internet Explorer to consider this site as internal. IWA logins can then invoked by using the following URL format:
 
- https://cloud.centrify.com/my?customerid=ABC123

(Where ABC123 is the Tenant ID or login suffix of the Centrify Cloud Service account)
 
For more information, see the "Adding a web site to the local intranet security zone" section in the online documentation:
Configuring Internet Explorer security zones > Adding a web site to the local intranet security zone
 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 articleKB-7074: Why is Centrify changing IWA, what changes are being made, and how can I ensure IWA continues to work as expected post 16.7? articleKB-4257: Troubleshooting Integrated Windows Authentication (IWA) with Centrify Identity Service articleKB-11071: Logging Into a Windows Machine that is MFA Enabled, the Message is Seen "Unable to load profile: Profile does not exist" articleKB-7934: How to import IWA root certificate manually to enable Windows MFA articleKB-5869: How to bypass single-sign-on and force username password authentication in IWA-enabled environments. articleKB-7555: Unable to login as root after upgrade to Centrify Suite 2016 (CDC 5.3.0) articleKB-6041: How to show current license type in use by adclient articleKB-3925: How to add Centrify parameter to a group policy articleKB-6040: How to change the license type in use after adclient successful joined to the AD?