Centralized Identity and Access Management

Consolidate user accounts and groups into Active Directory and enforce separation of administrative duties. Eliminate multiple identities and ensure a "one user, one identity" framework that strengthens security, lowers IT costs and streamlines your organization.

Organizations with hundreds or thousands of UNIX and Linux systems are plagued with managing identity on local systems or independent identity stores. With so many independent and often overlapping identity silos, consolidating identity to a single directory can be challenging and time consuming. Most other solutions require an organization to completely rationalize and homogenize all user identities before consolidation can occur.


Centrify Zones Centralize User Profiles

Quickly consolidate complex and disparate UNIX and Linux user identities into Active Directory with Centrify's patented Zone technology — without having to first rationalize all user identities. Centrify's Zone technology enables you to manage your heterogeneous environment by tying the rights a user has on a Windows, Linux, or UNIX system with a single identity, stored and managed in Active Directory.

Large organizations may require a hierarchy of zones to manage users who need access to thousands of systems,across multiple departments. Centrify Zones are as simple or as sophisticated as necessary.

Delegate Access Through Centrify Zones

Easily establish global UNIX identities, manage exceptions on legacy systems, separate identity from access management and delegate administration of groups of systems. Create computer roles, user roles, and role assignments to control access and manage user privileges across your Windows, Linux, and UNIX systems at a granular level.

Once roles are configured, it's simple to assign new users to a role, move users from one role to another, or remove users entirely. Centrify Zones enable you to define roles and role assignments at any level within your Zone hierarchy, and specify whether those properties are inherited or overridden at any individual level.

Ensure Separation of Duties

Centrify's Zone technology takes advantage of Active Directory's own delegation model to ensure separation of duties. For example, corporate IT staff can retain the privilege to create Active Directory users and computers. Administrators of Centrify Zones need only the authority to change the Centrify Zone data within Active Directory. Windows or desktop admins don't have access to UNIX data and UNIX admins don't have access to user objects.