You can log in to an enrolled Windows system with the same account that you use when you log in to the Admin Portal, and you can do this either from the Admin Portal or by using a native application that uses RDP, SSH, SCP, or SFTP.
You can log in to an enrolled Windows system without having to first log in to the Admin Portal by using a vaulted account, manual login, or Use My Account (UMA). For details on logging in with a vaulted or manual account, see Accessing remote systems
Prerequisites for logging in to Windows systems with Use My Account
Before you can use this feature, you need the following:
Enroll the system. For details, see Installing and using the Centrify Client for Windows.
Your account needs to have the Agent Auth permission. For details, see Enabling client-based login.
The target system needs to be using the connector that you log in to. For details, see Mapping system subnets to connectors.
Note: Be aware that when an Active Directory users logs in with Use My Account, the system prompts them to enter their password so that the user can log in as a domain user on the system.
Accounts and hostnames needed for logging in to Windows systems with Use My Account
Here are the accounts and hostnames that you'll need for this procedure:
Connector port, if you're logging in to the connector in order to connect to another system (jumpbox scenario) By default, the port for RDP connections is 5555 and 22 for SSH connections.
You can configure the port per connector in Settings > Network > Centrify Connectors > connector > SSH-RDP Services > RDP Port. You can also configure the SSH port.
The target system's hostname (this is the system that you want to log in to). Be sure to use the fully qualified domain name (FQDN).
Your user name in the Admin Portal, including tenant suffix. For example, email@example.com.
The "me" account. This is a local account that the service creates automatically but it's normally hidden from view.
Note: If you have already configured a local Windows account named "me" you can contact Centrify Technical Support to configure this feature to use a different name for this special, local account.
Whether you connect to a Windows system directly using Remote Desktop Connection, PuTTY, or an FTP client, the process is the same. You connect to the desired system by way of the connector system.
To log in to an enrolled Windows system directly with Remote Desktop Connection:
In a new Remote Desktop Connection window, enter the computer hostname and (optionally) the port for the system where the cloud connector is installed.
For example, if the hostname is win-prod7.acme.com, enter that as the hostname.
If you're connecting to the system as a way to log in to a networked system (jumpbox scenario), enter the port number. For example, enter win-prod7.acme.com:5555.
Enter the user name that you use to log in to the Admin Portal.
Click Connect to continue.
When prompted, enter the password for your Admin Portal account.
- When prompted, enter any additional multi-factor authentication answers.
When prompted for the hostname, enter the hostname for the target system.
When prompted for the account, enter "me".
The "me" account tells the service to use your Admin Portal account.
After the service validates your authentication, it logs you in to the Windows system under your Admin Portal user name