Installing Authentication & Privilege Services

This section provides instructions for installing all identity and privilege management components on Windows computers in your network. There are several Windows-based components that enable you to manage the deployment and ongoing operations of Centrify software. You should install all of the identity and privilege management components on at least one Windows computer. Depending on the division of responsibilities in your organization, you may want to install different components on more than one Windows computer.

When you install identity and privilege management components, the following features are installed:

  • The Privileged Access Service, which enables MFA login, MDM, and other platform services.
  • The Centrify Privilege Elevation Service and Centrify Authentication Service, which together enable computers where Centrify software is installed to use the Active Directory infrastructure located on the domain controller, and enable users and zone-joined computers to have elevated privileges. The services include ADUC extensions, GPOE extensions, PowerShell extensions, Centrify utilities, and Access Manager.

Access Manager is the administrative console that enables you to create zones and configure rights and roles for Active Directory users running applications on Windows computers.

You should always install the Windows components first before you install the Centrify Agent on the non-Windows computers you intend to manage.