After you have deployed Centrify agents to implement an Active Directory-based security and directory services, you may want to explore other ways to take advantage of Active Directory’s infrastructure. In evaluating ways to extend your security and directory services, you must first understand:
- How the UNIX servers and workstation that are joining the domain are used
- Which applications are accessed locally and which applications are accessed by remote users
- How the servers and workstations are managed, and whether administrators are local users or remote users
- Whether there are specific additional IT services you want to enable
- Whether there are specific controls you want to apply
As a starting point, you should consider whether computers joining the domain are workstations that primarily support local logon sessions or servers that require few, if any, local logon sessions. In many cases, UNIX computers have few interactive users but are frequently used as application servers that host database or web applications. For those computers, you should determine whether Active Directory authentication and authorization is primarily for administrators who manage the server or for users who log in to access the application.
Some of the ways you can extend and evolve the deployment of Centrify software include: