Centrify® Mac® Management

By Ryan Squires Posted March 22, 2019

Centrify Mac Management

As Centrify® morphs their organizations into two separate entities—Centrify for privileged identity management and Idaptive® for web application single sign-on (SSO)—the common question that many IT organizations are asking is where Centrify’s Mac® management solution has gone. This article aims to answer what constitutes your best plan of attack when it comes to Mac management in the face of Centrify’s split.

Which Company Owns Mac Management?

It’s a fair question as both Centrify and Idaptive don’t really clearly address where the Mac management business has gone. Centrify, as a foundational piece of their company, started their business many years ago with a focus on extending Active Directory® to work with both Mac and Linux® systems. While we can point back to this time in Centrify’s business to know how they got their start, where they’re going is a bit more perplexing. Now, Centrify has put their focus on privileged identity management (PIM). The SSO capabilities that were once under the umbrella of Centrify have been moved to a brand-new company called Idaptive. But, where is Mac and Linux management?

At first glance, it appears that some of the Mac integration with Active Directory functionality may have moved over to the Idaptive spinoff. That said, it is unclear whether this is an area of focus for Idaptive at all. Given the current incarnation of the Idaptive site as well as their public information, it appears that the primary interest for the company moving forward is competing against Okta® in the web application SSO market.

Where Do We Go from Here?

For companies that are leveraging Centrify’s existing identity bridge functionality to connect AD to Mac and Linux systems, many are wondering that exact question. What is the path forward? On the surface, it doesn’t appear that there is much information about how customers should proceed. It also isn’t clear whether the Mac and Linux identity bridge functionality will continue to be worked on and innovated against.

For customers, this uncertainty is unsettling, and many IT admins just want to know how they can continue to extend AD credentials to their Mac and Linux machines without upheaval. This situation has led many IT organizations to consider two different concepts. One is a cloud identity bridge solution, and the other, a reset on their complete identity management approach with a cloud directory service. Utilizing a next generation cloud identity bridge shifts the on-prem identity bridge functionality to the cloud and extends it to a wide range of use cases including the ability to authenticate users to their Mac systems using a G Suite™ password. On the other hand, a cloud identity management solution means that an organization can eliminate their identity bridge as well as Active Directory, a move that greatly simplifies their ability to manage their IT infrastructure.

Replace Centrify and Active Directory

Here’s the simple truth: nobody at this time seems sure of what Centrify is going to do with their identity bridge solution. But, let’s get one thing straight. The real root of the problem boils down to Active Directory. If you’re leveraging Centrify, you’re probably going to be in the market for an SSO solution as well. Do you default to Idaptive? What about Okta? You’re having to come up with solutions to problems that Active Directory has created. Because AD doesn’t support Mac and Linux machines out of the box and doesn’t integrate well with web applications, you are forced to find ways to make AD work for you. Therefore, the simplest way to fix this problem is to go to the root and replace what is causing you all these problems in the first place: Active Directory.

But how? JumpCloud® Directory-as-a-Service® is a complete reimagination of Active Directory, made for the cloud era. So, you don’t need to layer solutions on top of your identity store to get the tools you use daily to function with non-Windows resources. By leveraging key protocols like LDAP, SAML, RADIUS, REST APIs, SSH, and others, you don’t need to worry about whether your users will be able to utilize the applications and services they leverage most. Because JumpCloud leverages the most powerful protocols, your users get a True Single Sign-On™ experience. That means end users only need one identity, or set of credentials, to access their system, web and on-prem applications via SAML and LDAP, networks via RADIUS, and even remote AWS® servers through SSH keys.

Learn More About JumpCloud

If you’re concerned about Centrify Mac management and where it’s going, or you just want to try the future of directory services, sign up today for a JumpCloud account. With our free account you can manage up to 10 users, and their systems, with absolutely no credit card required. Plus, it’s fully featured, so you can get a good feel for how JumpCloud will work in your environment. If you need any further information about integration or setup, our Knowledge Base is a great place to start. Additionally, you can schedule a demo or chat with one of our product experts, and they’ll be happy to go over your options with you.

Ryan Squires

Ryan Squires is a content writer at JumpCloud, a company dedicated to connecting users to the IT resources they need securely and efficiently. He has a degree in Journalism and Media Communication from Colorado State University.

Recent Posts