Downloading and using the Centrify Clients for Linux

The Centrify Clients for Linux are software packages you can install on Linux computers to support application-to-application password management and authentication services for Privileged Access Service users.

By installing a Centrify Client for Linux, computer accounts can be used to run applications and to check out account passwords that are stored in the Privileged Access Service. This capability enables you to store and rotate managed passwords for application-to-application authentication without user intervention and eliminates the need for shared administrative passwords to run applications.

Additionally, on registered computers with the agent-based authentication enabled, visible roles become Unix groups. Each role has a unique name and GID associated with it. Therefore, commands like getent group<rolename> executed on registered computers, will return a valid result. If a cloud user is a member of a visible role (visiblerole), commands like groups <cloudusername> or id <cloudusername> will return a result where the user is considered to be a member of a visible role (visiblerole).

Note:   A role does not need to have any members associated with it to be visible on registered computers.

The Centrify Clients for Linux are only available for a limited set of supported platforms. If you are managing computers where a Centrify Client for Linux is supported, you can download an agent from the Admin Portal, from the Centrify Download Center, or from the Centrify YUM or APT repository.

To download a Centrify Client for Linux:

  1. Log-in to Admin Portal.
  2. Click Downloads and select an agent from the Centrify Clients for Linux.
  3. Review the features available and supported distributions.
  4. Click the appropriate link to download the appropriate software package for a supported platform.

After you download a Centrify Client for Linux, you can use a native package manager to install the commands, man pages, and sample scripts included in the package. For example, if you downloaded the package that supports Red Hat, CentOS, and Oracle distributions of Linux, you would run a command similar to the following on the Linux computer:

rpm -Uvh CentrifyCC-rhel6.x86_64.rpm

After you install the package using a native package manager, you can find the command line programs and sample scripts in the /usr/share/centrifycc directory. For examples of how you can use the command-line programs in scripts to manage passwords for local or privileged accounts, see the sample scripts included in the /usr/share/centrifycc/samples directory.

Note:   The Centrify Client for Linux replaces the CLI Toolkit, which was available in previous releases. If you downloaded and installed the CLI Toolkit and have scripts that used the commands included in previous releases, you might need to modify the scripts to work with the Centrify agent. For more information about migrating scripts from the CLI Toolkit to use the commands included in the Centrify agent package, see Migrating scripts from the CLI Toolkit.