Site icon MacTech.com

Centrify delivers Mac OS smart card log-in to Active Directory

Centrify Corp. (http://www.centrify.com) — a provider of Microsoft
Active Directory-based auditing, access control and identity
management solutions for non-Microsoft platforms — has released
Centrify DirectControl 4.2 for Mac OS X, which adds smart card-based
login to Active Directory for single sign-on to Windows-integrated
services and applications.

Centrify leverages the PKI infrastructure provided by Apple and works
with both Common Access Cards (CAC) and Personal Identity
Verification (PIV) cards as well as with other cards that support the
Apple TokenD interface such as the .NET smart card from Gemalto. With
this capability, government agencies and other organizations can use
smart cards for interactive login from the Mac to all services in the
organization whose access is controlled from Active Directory, not
just the local computer, says David McNeely, director of product
management for Centrify.

DirectControl effectively turns a Mac, UNIX or Linux system into an
Active Directory client, enabling administrators to secure that
system using the same authentication and Group Policy services
currently deployed for their Windows systems. By adding smart card
support to its Mac agent, Centrify enables customers to use Mac
systems in high security environments complying with Homeland
Security Presidential Directive (HSPD) 12 requiring secure and
reliable identification of Federal employee and contractors using PIV
cards.

DirectControl 4.2 for Mac OS X also adds increased security features
that include allowing organizations to lock the Mac Finder. This is
especially important in schools and universities that allow students
to share Macs but don’t want them to manipulate the system, McNeely
says.

Finder Lock is one of more than 200 Mac-specific Group Policies that
Centrify has developed to help administer Macs from the same
centralized administrative tools from which Windows computers are
managed. Other policies added in this release include enforcement of
a computer policy to require smart card login, a removal policy to
either lock the screen or force a logout when the smart card is
removed, and additional security controls.

With this release, Centrify DirectControl for Mac OS X also includes
a streamlined installation that allows a one-click setup of the Mac
in Active Directory. Centrify’s workstation installer was
specifically designed to enable administrators to deploy
DirectControl on Macs and quickly join them to an Active Directory
domain, McNeely says. In this way the users get prompt access to
network services and administrators can quickly apply policies to the
Macs, he adds.

Centrify DirectControl for Mac OS X Smart Card edition is licensed
for US$90 for one copy and is available in beta now. It will be
available within 90 days. CAC and PIV are supported on Mac OS X
10.5.3 and higher,

Exit mobile version