- Centrify Express For Mac Smart Card Login
- Centrify Express For Mac Smart Card Reader
- Centrify Express For Mac Smart Card Balance
Client devices that use a smart card for user authentication must meet certain requirements.
SUNNYVALE, CA-(Marketwire - Sep 25, 2012) - Centrify Corporation, the leading provider of security and compliance solutions that centrally control, secure and audit access to cross-platform systems, mobile devices and applications, today announced availability of its free Centrify Express for Smart Card offering, enabling federal government employees and contractors with Macs to securely.
With Centrify Management Services for Mac, you can use Active Directory to centrally manage authentication, policy enforcement, single sign-on (SSO), and user self-s ervice for popular endpoint devices running Mac OS X, macOS, iOS, and Android. A key component of Centrify Management Services for Mac is the Centrify agent for Mac computers. Enabling Smart Card Login for Mac OS X using Centrify 2012.4 UNCLASSIFIED 3 UNCLASSIFIED Planning and Preparation Centrify has several versions of their product, but the free Express version does not support smart card logon. The standard version or higher is required for Mac smart.
Client Hardware and Software Requirements
Toon shooters 2: the freelancers download for mac. Each client machine that uses a smart card for user authentication must have the following hardware and software.
- Horizon Client
- A compatible smart card reader
- Product-specific application drivers
Users must have a smart card, and each smart card must contain a user certificate. The following smart cards are supported.
- U.S. Department of Defense Common Access Card (CAC)
- U.S. Federal Government Personal Identity Verification (PIV) card (also called FIPS-201 smart cards)
- Gemalto .NET card
- Gemalto IDPrime MD card
For CAC and PIV cards, Horizon Client uses the CryptoTokenKit smart card driver by default and you do not need to install any middleware.
For Gemalto .NET cards, install the correct SafeNet Authentication Client version for your macOS version. Gemalto SafeNet Authentication Client supports both CryptoTokenKit and TokenD smart card drivers for Gemalto .NET smart cards.
You can also use the following third-party smart card drivers with CAC and PIV cards.
- PKard for Mac v1.7 and v1.7.1
- Charismathics (CCSI_5.0.3_PIV)
- Centrify Express
To use a third-party smart card driver, you must disable the CryptoTokenKit smart card driver. For more information, see Disabling the CryptoTokenKit Smart Card Driver.
Agent Software Requirements
A Horizon administrator must install product-specific application drivers on the agent machine.
With PIV cards, the operating system installs the related driver when you insert a smart card reader and PIV card for a Windows 7 virtual desktop. The following agent drivers are supported for PIV cards for Windows 7 virtual desktops.
- Charismathics (CSTC PIV 5.2.2)
- Microsoft minidriver
- ActivClient 6.x
The following agent drivers are supported for PIV cards for Windows 10 virtual desktops.
- Charismathics (CSTC PIV 5.2.2)
- ActivClient 7.x
For Gemalto .NET cards, the Gemalto Minidriver for .NET Smart Card driver is supported.
Enabling the Username Hint Field in Horizon Client
In some environments, smart card users can use a single smart card certificate to authenticate to multiple user accounts. Users enter their user name in the Username hint text box when they use a smart card to authenticate.
To make the Username hint text box appear on the Horizon Client login dialog box, you must enable the smart card user name hints feature for the Connection Server instance in Horizon Console. For information about enabling the smart card user name hints feature, see the Horizon Administration document.
If your environment uses a Unified Access Gateway appliance for secure external access, you must configure the Unified Access Gateway appliance to support the smart card user name hints feature. The smart card user name hints feature is supported only with Unified Access Gateway 2.7.2 and later. For information about enabling the smart card user name hints feature in Unified Access Gateway, see the Deploying and Configuring VMware Unified Access Gateway document.
Additional Smart Card Authentication Requirements
In addition to meeting the smart card requirements for Horizon Client systems, other VMware Horizon components must meet certain configuration requirements to support smart cards.
When you generate a certificate for a blank PIV card, enter the path to the server truststore file on the Connection Server or security server host on the Crypto Provider tab in the PIV Data Generator tool.
For information about configuring Connection Server to support smart card use, see the Horizon Administration document.
Centrify Adds Smart Card Support to Its Solution for Integrating Mac OS X
in Active Directory Environments
DirectControl for Mac OS X, Smart Card Login Option to initially Support
the Department of Defense Common Access Card (CAC)
Mountain View, CA-February 5, 2007- Centrify Corporation, a leading
provider of Microsoft Active Directory-based access control and identity
management solutions for non-Microsoft platforms, today announced
DirectControl for Mac OS X, SmartCard Login Option, which enables Mac OS X
users to join Microsoft Active Directory environments that require
two-factor authentication via smart cards. The first smart card standard to
be supported is Department of Defense Common Access Cards (CAC), used
pervasively throughout the DoD and related agencies to authenticate both
military personnel and contractors to systems around the world.
DirectControl runs natively on both PowerPC- and Intel-based Macs.
'Providing smart card support for the Mac reflects Centrify's commitment to
maintaining parity for non-Microsoft systems by integrating them into the
identity management, access control and authentication capabilities of
Microsoft Active Directory,' said Jim Chappell, Vice President of Field
Operations at Centrify. 'The millions of smart card users in the Federal
government benefit from having the leading provider of Mac-Active Directory
integration deliver smart card support.'
'The unique combination of rock solid UNIX stability, security and
ease-of-use is driving increased adoption of Mac OS X by Federal
employees,' said Ron Okamoto, Apple's vice president of Worldwide Developer
Relations. 'We're thrilled that Centrify has taken advantage of the
interoperability of Mac OS X to deliver a two-factor smart card
authentication solution.'
Centrify Express For Mac Smart Card Login
Smart cards are recognized as the de-facto standard for two-factor
authentication. For Federal agencies, HSPD12 (Homeland Security
Presidential Directive #12) mandates the use of two-factor authentication
for all Federal computer systems. To address this requirement, Centrify
DirectControl for Mac OS X, SmartCard Login Option enables a user to log in
to any DirectControl-enabled system without requiring any special user
configuration on the local system, because all authentication and access
control data is stored in Microsoft Active Directory. Administrators can
use Active Directory to centrally control which users may or may not log in
to which Macs. Additionally, Centrify DirectControl's unique Zones
capability allows custom grouping of systems for delegated administration
and fine-grained control of access.
Centrify DirectControl supports both online and offline login with smart
cards, so an organization can require a user who is using a Macintosh on an
airplane to authenticate using their smart card. DirectControl also lets
administrators leverage the Group Policy capabilities associated with
Active Directory to configure Mac OS X systems and ensure that those
systems adhere to the organization-wide policies used by Windows systems.
Centrify DirectControl's core feature is its ability to enable UNIX, Linux
and Mac systems to participate in an Active Directory domain. The Centrify
DirectControl Agent effectively turns the host system into an Active
Directory client, enabling organizations to secure that system using the
same authentication, access control and Group Policy services currently
Donut county crack. deployed for their Windows systems.
Pricing and Availability
Centrify Express For Mac Smart Card Reader
Centrify DirectControl for Mac OS X is priced at $60 per workstation. The
SmartCard Login Option is priced at $30 per workstation. The DirectControl
for Mac OS X, SmartCard Login Option will be generally available in early
March 2007. Please visit http://www.centrify.com/mac for more details.
About Centrify
Centrify Express For Mac Smart Card Balance
Centrify delivers centralized access control and identity management
solutions that seamlessly integrate non-Microsoft systems, web
applications, databases and storage systems with Microsoft Active
Directory. With Centrify solutions, organizations can improve efficiency,
better comply with regulatory requirements and move toward a more secure,
connected infrastructure for their heterogeneous computing environment.
Centrify is headquartered in Mountain View, California. For more
information about Centrify and DirectControl, call +1 650-961-1100 or visit
www.centrify.com.