This article will show you how to deny or allow access to a web application, when certain conditions are met. The conditions include:

1. Log into the Centrify Admin Portal.

2. Edit your web application and select Policy from the left column.

 

Policy left.png 

 

3. In the right pane, click on the Add Rule button. A new window will appear.

 

add rule button.png

 

   a) Click on the Add Rule button.

 

add rule too.png

 

   b) Select the desired filter and condition

 

condition list.png 

 

   c) Click on the Add button.

 

selected condition.png

 

   d) Choose an Authentication Profile to allow, deny or require multi-factor authentication. Click OK.

 

selected condition action.png

 

4. Select a Default Profile to allow, deny or require multi-factor authentication. Click Save.

 default condition profile.png

 

If you want to restrict web application access to only devices that has been enrolled into Centrify's MDM:

See instructions.

 

 

 

This article will show you how to only allow access to a web application from a device that has been enrolled into Centrify's MDM. Please note these instructions may change in the future.

 

Enroll your device into Centrify MDM

 

Configure your web application

1. Log into the Centrify Admin Portal.

2. Edit your web application and select Policy from the left column.

 

Restrict to managed devices.png

 

3. In the right pane, select the checkbox to "Use script to specify login authentication rules (configured rules are ignored)"then click on the Load Sample button. A new window will appear.

 

use script policy.png

 

4. Select the option "require strong auth for unmanaged devices.js"then click on the Load button.

 

script sample.png

 

5. In the policy script, change the value for policy.RequiredLevel  to 0. This will deny access from devices that are not managed by Centrify.

 

 edit policy script.png

 

6. Select a Default Profile to Always Allow or a predefined authentication profile to perform multi-factor authentication to access the web application. This determins if the user is logging in from a managed device. Press Save when your configuration is complete.

 

default profile.png

 

To restrict web application access based on time, location, or other device conditions:

See instructions.

Si su empresa tiene contemplado migrar su correo a Office 365 o si es un cliente actual de Office 365 y está sufriendo con los problemas de sincronización de usuarios, este artículo es para usted.

Read more...

What is provisioning?  What is deprovisioning? Why do I need it?

Read more...

Como bloquear acesso a e-mail Google Apps GMail ou Office 365 por horário

By Centrify Contributor III on ‎12-21-2015 02:11 PM - last edited ‎12-21-2015 03:13 PM

Com o aumento da adoção de sistemas em nuvem, as empresas necessitam empregar uma forma eficiente de controle de acesso a essas informações, já que essas informações não estão mais localizadas necessariamente dentro do perímetro de rede da companhia.

Read more...

Part 6: Readying your Active Directory to work with Office 365 and the Centrify Identity Service

 

Contributors: @BLau@TonyC

 

We detail the steps needed to prepare rich O365 clients such as Outlook and Skype for Business / Lync for use with Centrify for Office 365. We also provide the minimum requirements needed to allow AD users the ability to single-sign-on into their O365 environments using IWA (Integrated Windows Authentication).

 
 

Part 5: Readying your Active Directory to work with Office 365 and the Centrify Identity Service

 

Contributors: @BLau@TonyC

 

We provide the best-practices for getting your Active Directory environment ready to allow AD users to seamlessly authenticate into their federated O365 accounts. We also detail the minimum requirements needed for successful user and group syncing when Centrify Provisioning is used.

Notes: 
A detailed walkthrough can also be found in the Knowledge Base of the Centrify Support Portal: 
- KB-5053: How to configure Office 365 and integrate with Centrify for automated user provisioning
- (https://www.centrify.com/support/knowledge/)

For a full list of attributes that are synced when Hybrid Mode is enabled, see also:
- KB-4901: List of AD attributes that are synced into Office 365 cloud with Centrify provisioning
- (https://www.centrify.com/support/knowledge/)
 
 

Part 4: Readying your Office 365 to work with the Centrify Identity Service

 

Contributors: @BLau@TonyC

 

In this video, we provide a brief introduction to the Office 365 Admin Center, then a walk through the Office 365 tenant's domain and DNS registration steps. Finally, we show where and how to enable Directory Synchronization in Office 365 for integration with Active Directory.

 

Note: A detailed walkthrough can also be found in the Knowledge Base of the Centrify Support Portal:
- KB-5053: How to configure Office 365 and integrate with Centrify for automated user provisioning
- (https://www.centrify.com/support/knowledge/)

 

Part 3: The Different Account Types of Office 365

 

Contributors: @BLau@TonyC

 

Microsoft Office 365 offers a range of different account types to serve the wide array of domain environments that exist in the corporate world. This video will run through each type of account and their login flows, and then demonstrate how the Centrify for Office 365 application can be incorporated to provide a consistent user experience - no matter what type of O365 account is used in the environment.

 

Part 2: Components of the Centrify Identity Service

 

Contributors: @BLau@TonyC

 

In this short video we run through the three core components that make up the Centrify Identity Service; the Centrify User Portal, the Centrify Cloud Manager and the Centrify Cloud Connector. We show how each component fits into the infrastructure and what the user experience will be when interacting with these components for both Microsoft Office 365 as well as other SaaS applications.

 

Part 1: An Introduction to the Centrify Identity Service and Centrify for Office 365

 

Contributors: @BLau@TonyC

 

We provide a brief overview of both the Centrify Identity Service and Microsoft Office 365. A quick introduction of how the two can be integrated together to give the most comprehensive and convenient user management for O365 Administrators, while simultaneously presenting a seamless experience for end-users.

 

Showing results for 
Search instead for 
Do you mean 
Labels
Leaderboard

Community Control Panel