madison

The Apple Core

Jason D. O'Grady & David Morgenstern
Home / News & Blogs / The Apple Core

Centrify releases new, free Mac and Linux integration toolkit for Active Directory

By | July 22, 2010, 10:44pm PDT

Windows management vendor Centrify this week released Centrify Express, its new integration package for Windows Active Directory services. The software toolkit is a free, lite version of its Centrify Suite, which provides greater policy and identity management capabities, and features such as server isolation and encryption of data-in-motion.

In his blog, Centrify president Tom Kemp said the new software would bring Active Directory control authentication to SMBs and other small organizations. He said these companies would appreciate the growth path to the company’s more-capable Centrify Suite.

Third, we were getting requests from many people who had tried other free Active Directory integration tools and found them very unreliable, difficult to deploy on a mass scale, and did not play with existing software such as Samba. We were getting tons of requests from Ubuntu and Red Hat and Mac users asking if we could do better. Our answer was Yes! …

So instead of providing a one-off toolset for Active Directory authentication, we decided to give away a subset of the same enterprise-hardened technology that our 2,500+ customers have in production on hundreds of thousands of servers today. I think you will find our solution much more reliable and mature compared to other solutions, and be better optimized from a login experience perspective.

But even if you have AD authentication taken care of on your non-Microsoft systems, customers don’t want to “manage the management system.” That’s why we are also providing DirectManage Express as part of our Express offering to centrally deploy and/or upgrade our agent on dozens or hundreds of systems.

But before DirectManage Express even does that, DirectManage Express also provide a means to do a centralized and automated pre-install check. The net net is this is a huge time saver over sneakernet and manually checking if a system can become an Active Directory client. DirectManage Express also provides the ability to quickly login to those remote systems via integration with SSH/SNC/VPC, and to view local system accounts, etc.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “The Apple Core”

Topics

Linux, Apple Macintosh, Centrify, Authentication, Software Toolkit, Microsoft Windows Active Directory, Directory Services, Security, Enterprise Software, Software, David Morgenstern

David Morgenstern has covered the Mac market and other technology segments for 20 years.

Disclosure

David Morgenstern

Freelance journalist/blogger David Morgenstern has nothing to disclose.

Biography

David Morgenstern

David Morgenstern has covered the Mac market and other technology segments for 20 years. In the recent past, he founded Ziff-Davis' Storage Supersite, served as news editor for Ziff Davis Internet and held several executive editorial positions at eWEEK. In the 1990s, David was editor of Ziff Davis' award-winning MacWEEK news publication as well as its successor title, eMediaWEEKly, which focused on multiplatform professional content creation. His byline can be found online and in print publications including CreativePro.com, Peachpit Press' Mac Bible and Popular Photography.

Talkback Most Recent of 7 Talkback(s)

  • RE: Centrify releases new, free Mac and Linux integration toolkit for Active Directory
    Perhaps I'm missing something here. Mac OS X already has Open Directory & Active Directory integration so how is Centrify Express of value?
    ZDNet Gravatar
    Masari.Jones
    23rd Jul 2010
  • RE: Centrify releases new, free Mac and Linux integration toolkit for Active Directory
    It's a very good question actually. A few points and I hope this helps.
    -Consistency across platforms (e.g. Linux) and across versions of Mac OS X
    -Deployability and upgradability via DirectManage Express
    -Integration w/ third party solutions such as PuTTY etc.
    -Support for multi-Domain, multi-Forest (one way and two way trusts)
    -Computer account password periodic updates just like windows to prevent the computer from looking like a stale account.
    -Upgradability to additional capabilities such as group policy and smart-card support on the Mac platform

    (disclosure: I work for Centrify)
    ZDNet Gravatar
    ryan.vong
    23rd Jul 2010
  • Still not clear
    Ryan, I'm afraid that none of that is very clear, except the fact that, yes, it is a 'lite' version and you'd love us to get hooked so we want to upgrade to the full version.
    Do we install stuff on the Server? Is the Windows guy gonna be unhappy? Do we install stuff on the macs? I dont understand "account password periodic updates". The server has a policy... after the interval, the message pops up on the day telling the users they need to change their password and they all freak out. How does Centrify Express lighten this pain? Get your marketing people to make a table with the problems on one side and how C.E. fixes them on the other.
    ZDNet Gravatar
    Jasonology
    26th Jul 2010
  • RE: Centrify releases new, free Mac and Linux integration toolkit for Active Directory
    Ah..ok.

    Centrify Express does not require installing any software on the Windows Domain Controller or Windows Administrator's workstations. It also does not require storing any UNIX data in Active Directory since it will dynamically generate the user's UNIX profile from the existing Active Directory user object information. Windows administrators will be very happy that they can manage user accounts for the Mac exactly like they do for Windows systems today.

    When the Mac joins Active Directory a Computer Account will be created in Active Directory in the Computers container. This account has a corresponding password which Centrify Express will maintain for the life of the computer by periodically changing the password. This will ensure that the Mac computer accounts do not show up as "stale" accounts in AD, which is something that Administrators will search for when cleaning up Active Directory.

    In most environments, users are required to change their password every 90 days or so depending on your security policy. Centrify Express will warn users a week before the password expires so that the user has a chance to change it before it actually expires. When the user does change the password, it will be updated in both Active Directory as well as the Login Keychain so that the user is not challenged for multiple passwords at login (one for AD and one for the Keychain). You can fine tune the configuration of Centrify Express by modifying the configuration file (/etc/centrifydc/centrifydc.conf) adjusting the password expiration warning if desired.

    The primary benefit of Centrify Express on Mac OS X is that it provides a more natural upgrade path for IT Administrators who need to get the Macs joined into Active Directory for user authentication and password management where they want to eventually lock down the configuration of the system, centrally managing security settings using Group Policy in the future upon upgrade to Centrify DirectControl (this is accomplished by simply installing administrator tools and licenses in Active Directory, no software changes on the Mac).

    -Great suggestion on the table.
    ZDNet Gravatar
    ryan.vong
    29th Jul 2010
  • Question about licensing
    @ryan.vong Thanks for the great explanation. I have one question regarding the licensing of the paid license. Is price per user a one-time fee or is there a monthly or annual renewal fee?
    ZDNet Gravatar
    phcranston
    25th Aug 2010
  • RE: Centrify releases new, free Mac and Linux integration toolkit for Active Directory
    expover microsoft internet working at sites with the
    - and sohbet odalari - and mynet - mynet sohbet -
    turkey the microsoft is a good format is also face -
    - metin2 pvp -
    operiation facebok - twitter
    Behaviour of desdek bigger role in these sites sohbet Microsoft A network connection to the game s dada gubve unwanted surprises
    metin2 pvp serverlar -
    facesohbet -
    and yonja - and facebok - sex sohbet - sex hikayeleri - and- and facebook - and fesbuk - and sohbet - and cet - - and metin2 indir - and metin2 resimleri - and metin2 kaydol - ang metin2 -

    fesbok giris
    room turkey
    twitter sohbet portallari netlog and twitter t?rkce and twitter giris and twitter kaydol
    fesbuk

    turkiye mt2, metin2 online games serverlar
    and and and mt2 pvp server and metin2 pvp server and metin2 and pvp server and metin2 pvp serverlar and metin2 pvp serverler and
    pvp serverler and pvp serverlar



    istanbul sohbet istanbul sohbet sitesi istanbul sohbet odasi istanbul sohbet odalar?


    ankara sohbet ankara sohbet odalar? ankara sohbet sitesi ankara sohbet odas? izmir sohbet izmir sohbet odalar? izmir sohbet sitesi izmir sohbet chat bursa sohbet bursa sohbet odalar? bursa sohbet siteleri bursa sohbet odasi seviyeli sohbet seviyeli sohbet odalar? seviyeli sohbet siteleri seviyeli sohbet kanalalr? yonja netlog twitter face facebook pvp


    Bunu mu demek istediniz? Cok guzel bir oyun be?eni ile oynuyorum ama bunun metin2
    Metin veya web sitesi adresi yaz?n ya da bir dok?man? ?evirin.
    ?ptal
    Dinleyin
    Fonetik olarak okuyun
    T?rk?e dilinden ?ngilizce diline ?eviri
    I play a game with very nice, but it metin2
    metin2 pvp
    metin2 pvp serverler

    and install servers by lara s depending on the tour game bilrisiniz
    ZDNet Gravatar
    zafer12
    12th Aug
  • RE: Centrify releases new, free Mac and Linux integration toolkit for Active Directory
    Maintain mulberry alexa submitting things comparable to this i primarily like it
    ZDNet Gravatar
    jackson1984-24316069205748857739440257893812
    11th Oct

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
Click Here

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources