“We understand that some of our customers have a need to connect their Microsoft infrastructure with other environments, such as UNIX, to be able to centrally and more securely manage employee identities,” said Jeff Price, Senior Director for the Windows Server Division at Microsoft. “Centrify’s DirectControl has enabled enterprises to extend Active Directory’s identity and policy management services to non-Microsoft systems, and we’re pleased to have their continued support for Windows Server 2003 R2 and Active Directory Federation Services.”
Centrify will deliver the first solution that extends ADFS to web-based applications that run on non-Microsoft web platforms. Microsoft ADFS supports applications running on the Microsoft Internet Information Services (IIS) platform and enables distributed identification, authentication and authorization across organizational boundaries. Using the Centrify solution, web-based applications hosted on Apache and popular J2EE application servers, including IBM WebSphere, BEA WebLogic, JBoss, and Tomcat will support Microsoft ADFS without having to deploy any additional federated identity software. Administrators will be able to centralize Identity Management for both internal and external users in Active Directory, and users will have the same single sign-on experience whether they access a local resource or one at a trusted partner.
Active Directory in the Windows Server 2003 R2 release includes new attributes for storing UNIX information for users and groups. These new schema extensions formalize Microsoft’s support for the RFC2307 specification for using LDAP as a network information service. Centrify DirectControl will fully support these new schema extensions transparently when they are present in an organization’s Active Directory implementation.
The value of this standards-based approach is demonstrated in Centrify’s ability to support Microsoft’s official Active Directory schema for UNIX attributes without the need to require additional schema extensions to provide customers with additional enterprise features such as DirectControl’s patent-pending Zone technology. Centrify DirectControl is unique in its ability to enable organizations to group systems into management zones according to any taxonomy that makes sense for their enterprise: by department, geography, function, system type, etc. They then use Active Directory’s role-based access model to authorize users and groups only to the zones of systems needed for their job function. Centrify DirectControl Zone technology allows more granular control of configurations and user rights. IT managers can delegate administrative rights on a zone by zone basis and fine-tune administrators’ rights within each Zone. Further details about Centrify support for Windows Server 2003 R2 can be found at www.centrify.com/r2.
“With Windows Server 2003 R2, Microsoft has increased the desirability of centralizing identity management in Active Directory. By adding Centrify’s DirectControl, non-Microsoft web applications will be able to seamlessly participate in Active Directory-centric federations without having to deploy anything else,” said David McNeely, Director of Product Management at Centrify Corporation. “With Windows Server 2003 R2, Microsoft is making it easier to integrate UNIX systems with Windows systems.”
Centrify has also created new solution guides to support the implementation of enhanced UNIX interoperability with Windows Server 2003 R2. The first of these guides, “Using DirectControl with Microsoft NFS Server,” provides customers with detailed information on how to create secure central file servers for UNIX clients using Windows Server 2003 R2. This solution uses the NFS file server technology included with Windows Server 2003 R2 and DirectControl’s centralized Active Directory-based identity management solution. The second guide in this series, “Using DirectControl to Enable Automounted UNIX Home Directories,” provides information on using Windows file servers for automatically hosting UNIX client home directories. These solution guides are freely available on the Centrify Resource Center at: http://www.centrify.com/resources/overview.asp
Pricing and Availability
Support for Windows Server 2003 R2 in Centrify DirectControl will be generally available in February 2006. An early adopter version of Centrify DirectControl for ADFS is available now, and interested parties can request a copy at www.centrify.com/adfs.
Centrify DirectControl provides the industry’s broadest coverage of systems with support for over 40 versions of Linux, UNIX and Mac OS X. Pricing starts at $50 per workstation and $300 per server. For an evaluation copy of the Centrify DirectControl suite, visit www.centrify.com/trial.
Centrify is a leading provider of Microsoft Active Directory-based identity management, access control and policy enforcement solutions for UNIX, Linux, Mac, Java and web platforms. With its DirectControl suite, Centrify provides a secure, connected computing environment for heterogeneous systems and applications, enabling organizations to fully leverage Active Directory to significantly strengthen security, reduce infrastructure costs, streamline IT operations, and better comply with regulatory requirements. Founded in March 2004, Centrify is headquartered in Mountain View, California. For more information about Centrify, call +1 650-961-1100 or visit www.centrify.com."