Professional Documents
Culture Documents
Centrify Corporation
Legal notice
This document and the software described in this document are furnished under and are subject to
the terms of a license agreement or a non-disclosure agreement. Except as expressly set forth in
such license agreement or non-disclosure agreement, Centrify Corporation provides this
document and the software described in this document “as is” without warranty of any kind, either
express or implied, including, but not limited to, the implied warranties of merchantability or
fitness for a particular purpose. Some states do not allow disclaimers of express or implied
warranties in certain transactions; therefore, this statement may not apply to you.
This document and the software described in this document may not be lent, sold, or given away
without the prior written permission of Centrify Corporation, except as otherwise permitted by
law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part
of this document or the software described in this document may be reproduced, stored in a
retrieval system, or transmitted in any form or by any means, electronic, mechanical, or
otherwise, without the prior written consent of Centrify Corporation. Some companies, names,
and data in this document are used for illustration purposes and may not represent real companies,
individuals, or data.
This document could include technical inaccuracies or typographical errors. Changes are
periodically made to the information herein. These changes may be incorporated in new editions
of this document. Centrify Corporation may make improvements in or changes to the software
described in this document at any time.
© 2004-2010 Centrify Corporation. All rights reserved. Portions of Centrify
DirectControl are derived from third party or open source software. Copyright and legal notices
for these sources are listed separately in the Acknowledgements.txt file included with the
software.
U.S. Government Restricted Rights: If the software and documentation are being acquired by or
on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at
any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD)
acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government’s
rights in the software and documentation, including its rights to use, modify, reproduce, release,
perform, display or disclose the software or documentation, will be subject in all respects to the
commercial license rights and restrictions provided in the license agreement.
Centrify, DirectControl, and DirectAudit are registered trademarks and Centrify Suite,
DirectAuthorize, and DirectSecure are trademarks of Centrify Corporation in the United States
and/or other countries. Microsoft, Active Directory, Windows, Windows NT, and Windows
Server are either registered trademarks or trademarks of Microsoft Corporation in the United
States and/or other countries.
The names of any other companies and products mentioned in this document may be the
trademarks or registered trademarks of their respective owners. Unless otherwise noted, all of the
names used as examples of companies, organizations, domain names, people and events herein are
fictitious. No association with any real company, organization, domain name, person, or event is
intended or should be inferred.
Contents
1
Connecting to a remote computer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Finding and fixing open issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Refreshing computer information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Setting options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Importing the product catalog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
2 Administrator’s Guide
About this guide
Intended audience
This Deployment Manager Administrator’s Guide provides complete
information for deploying Centrify software to the machines in
your environment with Deployment Manager. This guide is
intended for administrators who are responsible for managing user
access to servers, workstations, enterprise applications, and
3
Using this guide
9
Understanding Deployment Manager
Preparing to install
You can install the Deployment Manager on one of the following
Windows platforms:
15
Understanding the deployment-process
Click Next.
Click Next.
8 Enter account information for other machines:
If you selected the option to apply the same user name and
password to other computers, select those computers now,
then go to Step 9.
If you are not using the same account and password, the
wizard displays the next machine in the list; enter account
information for this machine (and subsequent machines by
repeating Step 7 for each machine).
Click Next.
Specify a new set of Supply new account information. Click Next, then go to
account information Step 7.
Click on any category to see a list of computers in the left pane. For
example, click Unknown to see computers that were inaccessible
by Deployment Manager. You can then look at the Open Issues
node for that machine to see why the computer is inaccessible.
Next Step
The next step is to download Centrify software for the computers
you just added to the repository. Go to “Step 2 Downloading
Centrify software” on page 25 for detailed information.
You can save the file in any well-known location. When you run the
Add Computers Wizard, you enter the path to this file.
Manager. In addition, you must download the analysis tools that the
Deployment Manager runs.
Generally, you will download packages from the Centrify
Download Center, which guarantees that you are getting the latest
and most appropriate packages for the systems in your
environment. However, if you are working within an isolated
network, you can copy the packages to a network location
beforehand, then download them to Deployment Manager from
that location (see the Copy from network option in Step 1).
Next Step
Go to “Step 3 Analyzing your environment” on page 30 to analyze
your environment for compatibility with Centrify software.
Next Step
Resolve the errors and warnings that were found:
1 Expand one of the categories with errors or warnings; for
example, in the figure, under Computers with no Centrify
software installed click the expansion arrow for Ready
to install with Warnings:
You can also deploy software by using menus in the left pane.For
example, to deploy to a specific computer, navigate to that
computer and select it. Then click Action > Add Software.
35
Navigating the Deployment Manager console
and so on, that enable you to see at a glance the state of your
deployment.
Software — Contains the Centrify suite and analysis tools
packages that you have downloaded.
Open Issues — Identifies issues that Deployment Manager has
found for the computers added to the repository.
History — A list of actions you have taken with Deployment
Manager.
Viewing history
The History node shows a list of all the actions that have been
performed by Deployment Manager, including discovery, analysis,
You can delete items from History by selecting one or more items,
then right-clicking and selecting Delete.
Note You can add or edit the remote terminal applications that
are available in the Remote Access context menu, by configuring
the Terminal option; see “Specifying terminal applications” on
page 45.
In addition, each computer has its own Open Issues node that
makes it easy to find open issues specific to a particular computer.
Just expand the computer’s node in the left pane, double-click it’s
Open Issues sub-node, and individual issues are displayed in the
right pane.
To resolve an open issue:
1 Navigate to the issue.
Setting options
The Deployment Manager allows you to set the following options:
Specifying a Download account
Specifying terminal applications
Specifying log settings
Specifying time out values
Specifying whether to ping before connecting to a computer
Field Value
Name The name of the application as it appears in the
Remote Session context menu.
You can use the vertical bar (|) to create a
submenu. For example:
SSH|Kerberos Login
creates the following menu:
Remote Session —> SSH —>Kerberos Login.
Location The location for the terminal application
executable file.
The Deployment Manager uses the following
variable:
${InstallDir}
to identify its base directory:
C:\Program Files
\Centrify\Deployment Manager
By default, terminal applications are stored in the
External directory below this directory. If you
enter the path to the application, use the variable
to specify the base path; for example, for Kerberos:
${InstallDir}\External\putty.exe
You can also click Browse to browse to the location
of the executable.
Arguments The arguments for the terminal application. For
example, for Kerberos Login for putty:
-ssh -k ${ip}
Only available upon joining to Select this box to require an Active Directory
Active Directory account and password in order to execute the
command.