You can enable users to perform certain tasks related to their accounts.
To access and enable the Centrify Server Suite Agents options:
- Log in to Admin Portal, click Access > Policies and select the policy set.
- Click Authentication > Centrify Server Suite Agents. From here, you can choose from one of the following:
- Linux, UNIX and Windows Servers.
- Windows Workstations.
- Privilege Elevation.
- Select Yes in the "Enable authentication policy controls" drop-down.
Once enabled, you can configure the following options:
|Add Rule||Build rules to define conditions for authentication challenge requirements. Each rule maps to a customizable authentication profile. The default profile is used if no rules are configured.|
|Default Profile||The profile Centrify PAS uses if no profile is added/selected.|
Apply Pass-Through Duration
For Linux, UNIX and Windows Servers, there are additional pass-through duration settings. Pass-through refers to situations where a user logs in to multiple systems, and whether or not their authentication is "passed-through" to the secondary system. The authentication profile that you specify here controls the authentication timeout.
- Never (Default) - Prompt for MFA every time, irrespective of the chosen profile's Pass-through setting.
- If Same Source and Target - Allow pass-through as long as source and target system remain unchanged.
- If Same Source - Allow pass-through as long as source system remains unchanged.
- If Same Target - Allow pass-through as long as target system remains unchanged.