Centrify Identity Service (all versions)Question:
When viewing the Users list in the Centrify Cloud Manager, it has been noted that not all Active Directory users are displayed. Is this
expected behavior and how is this page used if administrators are unable to manage all users? If users are not listed, what actions
are needed to populate the User list?Answer:
The Users page in Cloud Manager lists all of the user accounts in the Centrify identity platform. This includes all of the users
created in the Centrify user service and Active Directory/LDAP users the cloud service is aware of. The Centrify identity platform does
not replicate Active Directory/LDAP accounts and their attributes to the identity platform. Instead, the accounts are referenced when the
user logs in to the user portal, enrolls a device, opens a password-protected application or is provisioned by an application.
The User list is not intended to be a management replacement for Active Directory Users and Computers. Users listed in the portal allow
administrative actions to be performed such as individual user provisioning, enable and disable of SSO features and MFANote:
If attempting to perform administrative functions for Active Directory users such as individual user provisioning, enable and
disable of SSO features and MFA but the user is not listed, the user has likely not performed any of the above actions. Administrators
may choose to manually invite the user to the cloud service
as an alternate action using "Invite users" option on the User list.
This will populate the user within the list after the page is refreshed. After the account appears in the list, administrative tasks can be
performed for their account.
For additional information, please refer to the online help section: Managing Users