Using the Authorization Center directly on managed computers

The Authorization Center is available on managed computers where you have deployed the Centrify Agent for Windows and enabled the privilege elevation service. From the Authorization Center, you can view details about the rights, role definitions, role assignments, and auditing status for any users. Individual users can see details about their own login rights, effective roles, role assignments, role definitions, and auditing status. Administrators can select any user of interest to view the details for that user.

To use the Authorization Center on a local computer:

  1. Log on to a computer where the Centrify Agent for Windows and privilege elevation features are deployed.
  2. Click the arrow next to the notifications area in the taskbar.
  3. Right-click the Centrify icon, , then select Open Authorization Center.
  4. Click a tab to see details about the current user’s roles.
    • Effective Login Rights displays the current user’s local, remote, and PowerShell login rights and whether auditing is requested, required, or not applicable.
    • Effective Roles lists the roles that have been assigned to the current user and the status of each role names to which the user is assigned. You can right-click a role, then select Role Properties to view additional details, such as any time constraints defined for the role and the specific rights granted by the role.

    • Role Assignments lists details about the user’s role assignments, including where the assignment was made. For example, the Object Assigned column indicates whether the assignment for a user is explicit, from a group, or inherited from another setting, for example, from the selection of All Active Directory Accounts. You can right-click a role, then select Assignment Properties or Role Properties to view additional details, such as any time constraints defined for the role and the specific rights granted by the role.

    • Role Definitions lists detailed information about the selected user’s login rights and the audit requirements that have been defined for the roles the user has been assigned. You can right-click a role definition, then select Properties to view additional details.

    • Auditing lists the desktops used and auditing status for each desktop started in a session.

  5. Click Browse to view information for another user.

  6. Type all or part of the user name, then click OK.

    If more than one user name is found, select the appropriate user from the results, then click OK.

  7. Click Close when you are finished viewing detailed authorization information for the selected user.