Learn how to protect Office 365 accounts from brute force attacks and prevent account lock outs. This article will show you how to use password-less authentication to prevent AD account lockouts and distracting MFA notifications caused by brute force attacks.Read more...
This tech blog explains how an Administrator can extend Active Directory to include Exchange server specific Active Directory Attributes, to use some additional Exchange specific features with Office 365, even though Exchange server is not/was not installed on premise.Read more...
This article will show you how to secure the access to a web application by prompting for multi-factor authentication or denying access, when certain conditions are met. Go here to set conditions for logging into the Centrify User or Admin Portal. The conditions to require mult-factor authentication or block access include:
- IP Address (Make sure you first configure a corporate IP range to use this option)
- Identitiy cookie
- Day of the week
- Date range
- Time range
- Device OS
1. Log into the Centrify Admin Portal.
2. Edit your web application and select Policy from the left column.
3. In the right pane, click on the Add Rule button. A new window will appear.
a) Click on the Add Rule button.
b) Select the desired filter and condition
c) Click on the Add button.
d) Choose an Authentication Profile to allow, deny or require multi-factor authentication. Click OK.
4. Select a Default Profile to allow, deny or require multi-factor authentication. Click Save.
Other settings to consider:
- To restrict web application access to only devices that has been enrolled into Centrify's MDM.
- To manage web application access for devices managed by an external MDM.
- To restrict access based on behavioral risk level.
This article will show you how to secure the access to a web application by only allowing access from a device that has been enrolled into Centrify's MDM or prompt for multi-factor authentication when accessing from a non-managed device.
Enroll your device into Centrify MDM
1. Log into the Centrify Admin Portal.
2. On the left, navigate to Core Services > Policies, then edit an existing policy by clicking on the name of the policy or create a new one by clicking Add Policy Set.
3. In the policy, go to Login Policies > Centrify Portal. Scroll down to the section called Other Settings.
a) Uncheck "Allow IWA connections (bypasses authentication rules and default profile)"
b) Place a check next to the following two check boxes:
- Use certificates for authentication (bypasses authentication and default profile.)
- Connections using certificate authentication satisfy all MFA mechanisms
c) Press Save.
4. Edit your web application and select Policy from the left column, then click Add Rule.
5. When a new window appears, click Add Filter.
6. Select Managed Device and desired condition, then click Add.
9. Press Save when your configuration is complete.
Other settings to consider:
Si su empresa tiene contemplado migrar su correo a Office 365 o si es un cliente actual de Office 365 y está sufriendo con los problemas de sincronización de usuarios, este artículo es para usted.Read more...
Com o aumento da adoção de sistemas em nuvem, as empresas necessitam empregar uma forma eficiente de controle de acesso a essas informações, já que essas informações não estão mais localizadas necessariamente dentro do perímetro de rede da companhia.Read more...
Centrify for Office 365 Part 6: Readying your Active Directory to work with Office 365 and the Centrify Identity Service
Part 6: Readying your Active Directory to work with Office 365 and the Centrify Identity Service
We detail the steps needed to prepare rich O365 clients such as Outlook and Skype for Business / Lync for use with Centrify for Office 365. We also provide the minimum requirements needed to allow AD users the ability to single-sign-on into their O365 environments using IWA (Integrated Windows Authentication).
Centrify for Office 365 Part 5: Readying your Active Directory to work with Office 365 and the Centrify Identity Service
Part 5: Readying your Active Directory to work with Office 365 and the Centrify Identity Service
We provide the best-practices for getting your Active Directory environment ready to allow AD users to seamlessly authenticate into their federated O365 accounts. We also detail the minimum requirements needed for successful user and group syncing when Centrify Provisioning is used.
A detailed walkthrough can also be found in the Knowledge Base of the Centrify Support Portal:
For a full list of attributes that are synced when Hybrid Mode is enabled, see also:
- KB-4901: List of AD attributes that are synced into Office 365 cloud with Centrify provisioning
Part 4: Readying your Office 365 to work with the Centrify Identity Service
In this video, we provide a brief introduction to the Office 365 Admin Center, then a walk through the Office 365 tenant's domain and DNS registration steps. Finally, we show where and how to enable Directory Synchronization in Office 365 for integration with Active Directory.
Note: A detailed walkthrough can also be found in the Knowledge Base of the Centrify Support Portal:
- KB-5053: How to configure Office 365 and integrate with Centrify for automated user provisioning
Part 3: The Different Account Types of Office 365
Microsoft Office 365 offers a range of different account types to serve the wide array of domain environments that exist in the corporate world. This video will run through each type of account and their login flows, and then demonstrate how the Centrify for Office 365 application can be incorporated to provide a consistent user experience - no matter what type of O365 account is used in the environment.
Part 2: Components of the Centrify Identity Service
In this short video we run through the three core components that make up the Centrify Identity Service; the Centrify User Portal, the Centrify Cloud Manager and the Centrify Cloud Connector. We show how each component fits into the infrastructure and what the user experience will be when interacting with these components for both Microsoft Office 365 as well as other SaaS applications.
Centrify for Office 365 Part 1: An Introduction to the Centrify Identity Service and Centrify for Office 365
Part 1: An Introduction to the Centrify Identity Service and Centrify for Office 365
We provide a brief overview of both the Centrify Identity Service and Microsoft Office 365. A quick introduction of how the two can be integrated together to give the most comprehensive and convenient user management for O365 Administrators, while simultaneously presenting a seamless experience for end-users.