After you install the Centrify agent for Windows, you must be assigned to a role that allows you to log on. To finish the preparation of the evaluation environment for access control and privilege management, you are going to assign a role with the log in privilege to your Active Directory account. The Windows Login role is a predefined role that grants permission to log on locally and connect remotely for Centrify‑managed Windows computers.
To assign the Windows Login role to your account:
- In Access Manager, expand Zones and select the zone you created in Creating the first zone.
- Right-click the zone, and select Add User.
- Select Active Directory user and click Next.
- Type the path to your account or click Browse to search for and select your Active Directory user account, then click Next.
For example, click Browse and type all or part of the name, then click Find Now. You can then select your account name in the list of results and click OK.
Deselect Define user UNIX profile and make sure Assign roles is selected, then click Next.
Click Add, select the predefined Windows Login role, and click OK.
Check the role assignment start and end times for your account are set to Start immediately and Never expire, then click OK.
Repeat Step 6 and Step 7 to add the Rescue - always permit login role.
Your Add User to Zone window should show the following roles:
Click Next, then click Finish.