Centrify Server Suite Agents policies

You can enable users to perform certain tasks related to their accounts.

To access and enable the Centrify Server Suite Agents options:

  1. Log in to Admin Portal, click Access > Policies and select the policy set.
  2. Click Authentication > Centrify Server Suite Agents. From here, you can choose from one of the following:
  • Linux, UNIX and Windows Servers.
  • Windows Workstations.
  • Privilege Elevation.
  1. Select Yes in the "Enable authentication policy controls" drop-down.

Once enabled, you can configure the following options:

Authentication Rules and Default Profile

Available Settings Description
Add Rule Build rules to define conditions for authentication challenge requirements. Each rule maps to a customizable authentication profile. The default profile is used if no rules are configured.
Default Profile The profile Centrify PAS uses if no profile is added/selected.

Apply Pass-Through Duration

For Linux, UNIX and Windows Servers, there are additional pass-through duration settings. Pass-through refers to situations where a user logs in to multiple systems, and whether or not their authentication is "passed-through" to the secondary system. The authentication profile that you specify here controls the authentication timeout.

  • Never (Default) - Prompt for MFA every time, irrespective of the chosen profile's Pass-through setting.
  • If Same Source and Target - Allow pass-through as long as source and target system remain unchanged.
  • If Same Source - Allow pass-through as long as source system remains unchanged.
  • If Same Target - Allow pass-through as long as target system remains unchanged.