Creating the first zone

The next step in configuring your evaluation for access control and privilege management is to create a Centrify zone. Zones enable you to define and control access privileges for users and groups in your organization. By using zones, you can limit who has access to different computers and where users have permission to exercise elevated privileges.

To create a parent zone

  1. Open Access Manager.
  2. Click Create Zone.

  3. Type a name and description for the zone, for example Headquarters, then click Next.
  4. Leave Use default zone type selected, and click Next.
  5. Verify information about the zone you are creating, then click Finish.

You now have one parent zone. You can have multiple parent zones or a single parent zone, depending on your needs. If you expand the Zones node, the left pane displays your new zone.

Access Manager automatically creates the Computers, UNIX Data and Authorization nodes for each zone you create. These nodes enable you specify precise access privileges for computer and application administrators in each zone.

A parent zone can have one or more child zones. Child zones inherit information from the parent zone. For example, you can define access rights, roles, and role assignments in a parent zone and use them or change them in a child zone. You will work with child zones in a later exercise.

Now that you have Access Manager installed and have configured your first zone, you are ready to install the Centrify agent on a UNIX or Linux computer.