The Add System Wizard provides step-by-step guidance to help you add different types of systems one-by-one. The wizard prompts you to set the appropriate system properties based on the type of system you are adding and, optionally, attempts to verify the information you provide. You can change or add system information outside of the wizard at a later time, if needed. The following details how to:
Add a new system using the wizard
- In the Admin Portal, click Resources, then click Systems to display the list of computers and network devices.
- Click Add System to open the Add System Wizard.
Enter the following information:
- System Type: Select the system type from the drop-down menu. You can use the Centrify Admin Portal to manage account passwords for many types of systems. If you are adding a type of network device not available in the Admin Portal, select Generic SSH as the system type. If you would like to add a custom system type, see Adding or managing a resource profile.
- DNS Name/IP Address: Type the fully-qualified DNS name or IP address. FQDN is recommended for systems using a certificate to establish a trusted connection (usually HTTPS).
- Name: Type a unique name to identify the system.
- Description: (Optional) Type a description of the system.
- Click Next to continue.
Optionally, add a user name and password (or SSH Key for some system types) for an account used to access the system and specify whether the password for the account is managed by the Privileged Access Service, then click Next.
Some systems require a local administrative account to be specified if you want passwords managed by the Zero Trust Privileged Access Service. You can select Make this account the local administrative account for this system to designate the account you are adding as the local administrative account. You can also add or change the designated local administrative account after adding a system. For more information about identifying a local administrative account, see Specifying a local administrative account.
An account with an associated SSH key cannot be used as the local administrative account as there is no password stored for the account in the Privileged Access Service.
Note that to set or change the local administrative account, you must have the Edit permission on the system and the Grant permission on the account. You have these permissions by default if you add the system and account to the Privileged Access Service.
- For Credential Type, select Password or SSH Key. If choosing an SSH Key, you can either drag the key and drop it or click Choose and use a key on your computer. Additionally, you can click Manage this credential if you wish to have the keys rotated.
Configure additional settings as appropriate, then click Next.
The wizard prompts you for settings based on the type of system you are adding. For more information about system-specific settings, see the following topics:
- Adding Windows systems
- Adding UNIX systems
- Adding Cisco IOS or Cisco NX-OS systems
- Adding Cisco AsyncOS systems
- Adding Juniper systems
- Adding HP NonStop systems
- Adding IBM i systems
- Adding Check Point Gaia systems
- Adding Palo Alto Networks PAN-OS systems
- Adding F5 Networks BIG-IP systems
- Adding VMware VMkernel systems
- Adding Generic SSH systems
Select Verify System Settings to test access to the system using the account information provided, then click Finish.
If the system and account settings are verified, click Close.
If verification fails, try the following:
- Test network connectivity.
- Verify that the user name and password are valid.
- Make sure you are using the latest version of the Centrify Connector.
- Close the error message, deselect Verify System Settings, then click Finish.
Note that you can only skip verification if the password for a system account is unmanaged. If you specify an account for a system and select Manage this credential, the connection to the system must be verified to ensure the correct password is stored by the Privileged Access Service.
Now that you have a new system, you can navigate to Resources > Systems and when you click Add System you can choose the system type you just created, enter a DNS Name/IP Address, a name, and an optional description.
Note: You can sort through system type to show custom types by clicking Custom.
Once you add the system, you can then add accounts and configure settings like normal. All operations going through the account are managed through the script that you created.
Operations that you can perform may include but are not limited to the following:
- Update Password
- Rotate Password
- Set as an Admin Account
- Add to Set
- Verify Credential
- Password Reconciliation