The Centrify browser extension

Similar documents
Installing and Configuring hopto Work. System Requirements Be sure you have these system requirements to install and use hopto Work.

Accessing the Curriculum Management System Off-campus Process for obtaining and installing a CMS certificate on a home Mac

Integrating IBM Security Privileged Identity Manager with ObserveIT Enterprise Session Recording

MFA (Multi-Factor Authentication) Enrollment Guide

Online Access: Login to The Media Audit

Deposit Wizard TellerScan Installation Guide

Remote Support 19.1 Web Rep Console

Guide for Windows users with Internet Explorer and Firefox

Password Reset Utility. Configuration

Windows quick start instructions Pg. 1. OS X quick start instructions Pg. 4. ios quick start instructions Pg. 6

IT Access Portal User Guide (Employees)

Remote Desktop Services

Online App Access: Quick Set-up & Instructions

Remote Support Web Rep Console

From the Insert Tab (1), highlight Picture (2) drop down and finally choose From Computer to insert a new image

Installing VPN client by Jupiter Networks:

Passport Acceptance Agent Training System Student Guide

Colligo Manager for Outlook User Guide. User Guide

BROWSER-BASED SUPPORT CONSOLE USER S GUIDE. 31 January 2017

Steps. Step [1]: Click Download Bulk Enrolment Package Icon. (OR) Go to ITSM > Bulk Installation Package

Enter your Appserv username and password to sign in to the Website

New website Training:

Assistant User Guide

Deposit Wizard Panini Installation Guide

New Castle County Department of Land Use. System Use Requirements

Introduction to application management

VMware AirWatch - Workspace ONE, Single Sign-on and VMware Identity Manager

Remote Access Application Viewer User Guide. Version 2.3

IBM Trusteer Rapport Solution Update

CONTROL Installation and Basic-configuration Guide Contents

Using VMware Identity Manager Apps Portal

MSI Admin Tool User Guide

How-to Uninstall DivX Browser Bar and Conduit Search

Connect to Wireless, certificate install and setup Citrix Receiver

Remote Access Application Viewer User Guide. Version 2.5

Portal User Guide. Best practice tips and shortcuts Icon Legend Informational notes about functions. Important warnings about a function

Technology Services Group Procedures. IH Anywhere guide. 0 P a g e

XEN Web Portal Instructions

8.0 Help for Community Managers Release Notes System Requirements Administering Jive for Office... 6

EMS DESKTOP CLIENT Installation Guide

Centrify for Dropbox Deployment Guide

Citrix Remote Access

Remotely accessing GPH ICT systems

Deploying VMware Workspace ONE Intelligent Hub. October 2018 VMware Workspace ONE

9.4 Authentication Server

PISA 2018 COMPUTER-BASED SCHOOL QUESTIONNAIRE: PRINCIPAL S MANUAL

Student Lab Manual MS100.1x: Office 365 Management

HELPFUL LINKS AND S Velos eresearch URL. Technical Support. VPR Clinical Trials Office

CONFIGURING PRINTERS ON PERSONAL LAPTOPS Mac OS X 10.7.x Lion

Course Folder and Files Instructions for download and use

Citrix XenApp / XenDesktop Setup Procedure For Q-Tel Workstation

Exclaimer Mail Archiver

Workstation Configuration

OneDrive for Business Online

How to Install and Configure the Barracuda Outlook Add-In

Workstation Configuration

If you're having any trouble accessing Cayuse 424 or the Research Suite, you may want to clear your cookies [1].

Configuring the WebDAV Folder for Adding Multiple Files to the Content Collection and Editing Them

Remotely accessing GPH ICT systems

Workstation Configuration

Configuring Microsoft Outlook to Connect to Hosted Exchange Service

How do I sign up for a Canvas account as a parent?

Learning Management System (LMS) General FAQs

Using Citrix to access QFIS and other applications

VMware Workspace Portal End User Guide

Web Pro Manager: General User Guide

1) Use either Chrome of Firefox to access the VMware vsphere web Client. FireFox

Recommended Browser Settings

Workstation Configuration Guide

Portal Recipient Guide. The Signature Approval Process

SAML-Based SSO Configuration

Google Classroom User Manual

Compliance Deputy Version 5.1 User Guide

Comodo IT and Security Manager Software Version 6.9

QUICK START GUIDE. Quick Start Guide. This will assist you to setup and distribute content to a StratosMedia Player device in 4 easy steps.

How to Install and Configure the Barracuda Outlook Add-In

Office 365 Business and Office 365 Pro Plus Deployment Guide V 1.0

Ebrary User Guide. Downloading a Book: Reading ebrary books online: Accessing BookShelf: Using the Bookshelf:

International SOS e-learning Training Hub User Guide

Mobile Armor PC Encryption Installation Instructions R.6

APP-J: WHAT IS APPLICATION JUKEBOX?

Deployment User Guide

User Guide for Client Remote Access. Version 1.2

2015 Beta 2 Tutorials

Configuring the SMA 500v Virtual Appliance

VPN Client Configuration Guide

CIS 231 Windows 7 Install Lab #2

SharePoint General Instructions

EMERGENCY MANAGEMENT Continuity of Operations Portal Instructional Guide

Course CLD221x: Enabling Office 365 Clients

Dell SupportAssist for Business Client Systems. Quick Setup Guide for Dell ImageAssist Users

erequest Frequently Asked Questions

KODAK INSITE. Using InSite to Upload Files. Customer InSite Instructions. Supported Browsers & Recommendations:

VMware AirWatch: Directory and Certificate Authority

Wireless Printing in Mac OS X with IPP At Concordia University of Edmonton

User Guide for Students

Creating a Bookmark/Link for the Portal(my.cuw.edu)

Setting Up Resources in VMware Identity Manager (SaaS) Modified 15 SEP 2017 VMware Identity Manager

Absoluttweb CMS Guide

KNOXPLANS for New Users

Transcription:

The Centrify browser extension The Centrify Browser Extension provides a method of adding user-password and other custom applications. The Centrify Identity Services browser extension is a free add-on that s required for single sign-on (SSO) to some web-based applications. Users will be prompted to install this extension if required by any of the applications which have the jigsaw puzzle icon in User Portal. Refer to the following topics for more information about the browser extension. Applications User Guide 1

Adding web applications by using Centrify Identity Services Infinite Apps Infinite Apps is a feature of the Centrify Browser Extension that simplifies adding a SaaS user-password application that is not in the Centrify Identity Services App Catalog. Infinite Apps provides the App Capture utility, which automatically discovers the user name and password fields on the web application log in page and adds the application to your portal Apps page. After you add the application, you can deploy it with single sign-on to user portals and devices. If the App Capture utility cannot discover the user name and password fields, it allows you to select them manually. By default, users can also use the browser extension to add applications to their user portal Apps page and devices. You can configure this setting using the Allow users to add personal apps policy (see Managing device configuration policies). This section contains the following topics: Installing Centrify Identity Services Infinite Apps Adding a web application by using App Capture Manually adding an application by using App Capture The Centrify browser extension 2

Installing Centrify Identity Services Infinite Apps To use the Infinite Apps feature, you must install another version of the Centrify Browser Extension in a Firefox browser. Infinite Apps only supports Firefox and the privacy setting must be configured for Remember History. After the application is captured, users can use any browser to open it from the user portal. After you add the extension, the App Capture utility is available from the drop-down menu when you click the Centrify Browser Extension icon in the toolbar. Go to Adding a web application by using App Capture to add an application. To install the Centrify Browser Extension with Infinite Apps: 1. If Firefox is not installed on your computer, install and open it. 2. Log in to Admin Portal using your system admin account. 3. In the user name drop down menu, click Downloads. 4. Click the link for the Firefox browser. 5. In the pop-up window, click Allow. The browser displays a dialog box for installing the browser extension. 6. Click Install Now. A dialog box appears for restarting the browser. 7. Click Restart Now to restart the browser and finish installation. After the browser restarts, the Centrify Browser Extension icon is added to the toolbar. If not, right-click the toolbar, select Customize, and drag the icon to the toolbar. Note If you are unable to log in, verify that the URL is correct it should match the one that you use to log in to Admin Portal generally, https://cloud.centrify.com/. If the URL does not match the one that you use to log in, go to the next section: Configuring Centrify Browser Extension to point to the Centrify Identity Platform to set up Centrify Browser Extension to work with your identity platform account. Applications User Guide 3

Configuring Centrify Browser Extension to point to the Centrify Identity Platform Skip this procedure if the URL for the Centrify user portal or Admin Portal begins with https://cloud.centrify.com/ and go directly to Adding a web application by using App Capture. Most users will not need to configure the browser extension to point to the identity platform. The browser extension is configured to work with the default Centrify identity platform URL https://cloud.centrify.com/. If your organization uses a different URL (for example, for a private identity platform or a test deployment), complete the steps in the following procedure to configure the browser extension to use the correct URL. To configure Centrify Browser Extension to work with a different URL: 1Open a browser window and type the following in the address box and click Return: about:config A warning box appears. 2Click Return. A list of application settings appears. 3Type centrify in the search box to find the Centrify extension settings. 4Double-click the following setting to see its value: extensions.centrify.portalhostname The value for this setting should be that of the identity platform, ordinarily this is cloud.centrify.com. 5If the value is something different, or if you are using a test version of the identity platform that uses a different URL, type the correct value and click OK. 6Restart your browser to effect the new URL. The Centrify browser extension 4

Adding a web application by using App Capture The App Capture utility is designed to discover the login user name and password fields in the login page automatically. If it can t find them, it gives you the option to select them manually. In addition, it lets you select a third field for applications that require another log in identifier, for example, a company ID. Note The App Capture utility cannot capture apps that use iframes. To add an application by using App Capture: 1. Open Firefox and go to the sign-in page for the application that you want to add. 2. Click the Centrify Browser Extension icon in the toolbar. If the browser extension icon is gray, then you need to log in to the Centrify Identity Services (user portal or Admin Portal) before continuing. 3. Click Capture. App Capture displays a pop up window that guides you through the capture process. After you click Capture, App Capture attempts to discover the user name and password fields in the login page. If it is successful, it displays the message and highlights the user name and password fields. If App Capture is not successful or selects the wrong fields, you need to set the fields manually. Click Set Manually and go to Manually adding an application by using App Capture to capture this application. 4. Determine how the login credentials are submitted. If App Capture selected the user name and login fields correctly, you need to capture how users submit their credentials for this web site. App Capture supports two cases: Users press the Enter key (on the keyboard) to submit their credentials. Applications User Guide 5

For example, after entering the user name and password, the user clicks the Enter key to submit their credentials to this web site. If this is how users submit their credentials, click Next. Users click a separate log in or sign in button to submit their credentials. If the application has a separate button, such as Sign me in in the picture, it may require the user to click the button. In this case, you need to capture the application manually. Click Set Manually and go to Manually adding an application by using App Capture) to complete capturing this application. If you are not sure which method the application requires, selecting the Enter key is the easier procedure for capturing the application and more reliable than trying to capture the submit button. After you assign the application, try opening it from the user portal. If single sign-on is not automated the next time you log in after you have provided your credentials, you will need to recapture the application using the manual method. 5. Add an additional field, if necessary. Some web applications have a third login field that requires the user to provide additional login information for example, a corporate ID. If this web site does require an additional field, click Yes and then Next. Then click the additional field in the application s login screen. App Capture highlights your selection and the pop-up window prompts you for the next entry. Note You enter the value you want to put in this field (for example, your organization s ID number for this application) in the Advanced page when you open the application details in Admin Portal. See the Advanced page description in Configuring applications for the details. 6. (optional) Modify the application properties -- application name, description, and icon. 7. Click Finish to proceed. 8. Select where to add the application -- user portal or Admin Portal. Adding the application to the user portal is for your use only. Adding the application to Admin Portal allows you to assign it to other users. The Admin Portal option is only available if you are in a role that has the Application Management right. 9. Click Submit. The Centrify browser extension 6

You can now assign this application to users. See Deploying applications to users on page 5. Applications User Guide 7

Manually adding an application by using App Capture If you opened the application and App Capture did not find the user name and password fields or selected the wrong fields, use the following procedure to identify them. In addition, you must use this procedure to add the application if you want to use a Submit button rather than use the Enter key to proceed with the sign-in. Note The App Capture utility cannot capture apps that use iframes. To set fields manually while adding an application: 1Open Firefox and go to the sign-in page for the application that you want to add. 2Click the Centrify Browser Extension icon and click Capture from the drop-down menu. App Capture displays a pop up window that guides you through the capture process. 3Click Set Manually. 4Click the <app name> Name field to identify this application s username field. For example, click the Skype Name field for Skype: App Capture tags Skype Name as the Username field and prompts you to select the Password field. 5Click the Password field to identify this application s password field. 6Select an additional login field. The Centrify browser extension 8

Some web applications have a third login field that requires the user to provide additional login information for example, a corporate ID. If this web site does require an additional field, click Yes and then Next. Then click the additional field in the application s login screen. App Capture highlights your selection and the pop-up window prompts you for the next entry. Note You enter the value you want to put in this field (for example, your organization s ID number for this application) in the Advanced page when you open the application details in Admin Portal. See the Advanced page description in Configuring applications for the details. 7Determine how the log in credentials are submitted. After they enter their credentials, users either press the Enter key (on the keyboard) or click a button to submit their credentials. Use keyboard Enter key event (Recommended): Select this option when users press the Enter key (on the keyboard) to submit their credentials. Capturing the Enter key is more reliable than trying to capture a sign-in button. Click Next to continue. Right-click the Sign in button on the Web page to capture it: Select this option when the user must click a separate login or sign-in button to submit their credentials to this web site. After you select this option, right-click the login/sign-in button on the Web page to capture it, then click Next to continue. This option is useful if you capture using the Enter key option and deploy the application, but your users are unable to log in. Often times, recapturing the application and selecting the sign-in button option corrects the problem. 8(Optional) Modify the application properties -- application name, description, and icon. 9Click Finish 10Select where to add the application -- user portal or Admin Portal. Adding the application to the user portal is for your use only. Adding the application to Admin Portal allows you to assign it to other users. The Admin Portal option is only available if you are in a role that has the Application Management right. 11Click Submit to add the application to the selected portal. Applications User Guide 9

12Click Close when the confirmation message appears. Continue with Configuring applications if you want to assign the application to other users. The Centrify browser extension 10

How to install the Centrify Identity Services Browser Extension This scenario is intended to guide system administrators through the procedures for installing the Centrify Browser Extension. Some web applications require installation of the Centrify Browser Extension to provide single sign-on. Without the browser extension, users will not be able to open these applications. You only need to install the browser extension one time per browser type. You can send the link for installing the browser extension directly to users -- https://cloud.centrify.com/installbe. When users click the link, the installer identifies the user s default browser and installs the corresponding extension. The link and the browser extension files for Chrome, Firefox, Safari, and Internet Explorer are also available in the Downloads item in the account name drop down menu in Admin Portal. Note You can only update the browser extension; reverting to previous versions is not supported. Applications User Guide 11

The browser extension is not required on mobile devices. The Centrify application and Centrify for KNOX both incorporate an internal browser that provides single sign-on. When device users open an application that requires the browser extension, the application is automatically opened in the internal browser. Browser extension dependent applications have the jigsaw puzzle symbol on the Apps page in the Centrify Identity Services user portal. After the browser extension is installed, the jigsaw symbol disappears. You can install the browser extension for Internet Explorer (IE) browsers on remote Windows computers or users can install it themselves. This scenario includes the following topics: Installing the Centrify browser extension for IE on remote Windows computers Options for user self installation Restricting Centrify Browser Extension updates Possible next steps The Centrify browser extension 12

Installing the Centrify browser extension for IE on remote Windows computers You can automate the installation of the Centrify Browser Extension(Internet Explorer version) onto remote Windows computers using a silent installation or using a Windows Group Policy Object (GPO). To deploy the browser extension on remote Windows computers using a silent unattended installation or using a GPO, you need to specify the appropriate command line options and Microsoft Windows Installer (MSI) file. You can also use a software distribution product, such as Microsoft System Center Configuration Manager (SCCM), to deploy software packages. An automated installation may fail if remote computers do not have the appropriate configuration. If you are installing silently or from a GPO, verify that the remote Windows computers meet the requirements described in Installing the browser extension for IE on remote Windows computers. To install the Centrify Browser Extension for Windows silently: 1Open a Command Prompt window or prepare a software distribution package for deployment on remote computers. For information on preparing to deploy software on remote computers, see the documentation for the specific software distribution product you are using. For example, if you are using Microsoft System Center Configuration Manager (SCCM), see the Configuration Manager documentation. 2Run the installer for the browser extension package for a 32-bit or 64-bit architecture. Applications User Guide 13

Note If the system has a 64-bit operating system, use the 64-bit package, CentrifyIEExtensionSetup(x64).msi. CentrifyIEExtensionSetup(x64).msi includes the binary for both 32-bit and 64-bit versions of Internet Explorer. For example, on 32-bit operating systems, run the following command: msiexec /qn /i "CentrifyIEExtensionSetup(x86).msi" On 64-bit operating systems, run the following command: msiexec /qn /i "CentrifyIEExtensionSetup(x64).msi" To install the Centrify Browser Extension from a Group Policy Object: 1. Copy the CentrifyIEExtensionSetup(x64).msi files to a shared folder on the domain controller or another location accessible from the domain controller. If you are installing on a 32-bit architecture, the installer file name is CentrifyIEExtensionSetup(x86).msi. When you select a folder for the installer file, you might want to right-click and select Share with > Specific people to verify that the folder is shared with Everyone or with appropriate users and groups. 2. On the domain controller, click Start > Administrative Tools > Group Policy Management. 3. Select the domain or organizational unit that has the Windows computers where you want to deploy the browser extension, right-click, then select Create a GPO in this domain, and Link it here. For example, you might have an organizational unit specifically for Centrify Identity Services-managed Windows computers. You can create a Group Policy Object and link it to that specific organizational unit. 4. Type a name for the new Group Policy Object, for example,centrify Identity Services Browser Extension Deployment, then click OK. 5. Right-click the new Group Policy Object, then click Edit. 6. Expand Computer Configuration > Policies > Software Settings. 7. Select Software installation, right-click, then select New > Package. 8. Navigate to the folder you selected in Step, select the.msi installation file, then click Open. 9. Select Published, then click OK. 10. Close the Group Policy Management Editor, right-click the Centrify Identity Services Browser Extension and verify Link Enabled is selected. The Centrify browser extension 14

By default, when computers in the selected domain or organizational unit receive the next group policy update or are restarted, the browser extension will be deployed and the computer will be automatically rebooted to complete the browser extension deployment. If you want to test deploy, you can open a Command Prompt window to log on to a Windows client as a domain administrator and force group policies to be updated immediately by running the following command: gpupdate /force For more information about how to configure and use Group Policy Objects, see the documentation on the Microsoft Windows website. Applications User Guide 15

Options for user self installation Users can install the Centrify browser extension using one of the following options: The user portal displays a banner on the Apps page above the application icons that has a link the user can click to initiate installation. The first time a user opens an application that requires the browser extension, the user portal opens a pop-up that prompts the user to initiate the installation. The systems administrator sends the link for installing the browser extension directly to users. When users click the link, the installer identifies the user s default browser and installs the corresponding extension. The link and the browser extension files for Chrome, Firefox, Safari, and Internet Explorer are provided in the Downloads page under Browser Extensions. The Centrify browser extension 16

Restricting Centrify Browser Extension updates You can control when users are prompted to update the Centrify Browser Extension so you can test and verify the latest version in your environment before making it available to your users. Note Because the Chrome Web Store can only host one version of the browser extension, preventing users from updating the Browser Extension beyond a specified version is not supported on Chrome. To restrict Centrify Browser Extension updates 1. Sign in to the Admin Portal, then click Core Services > Policies. 2. Select an existing policy set, or create a new one. Policy sets are applied to users by applying them to everybody, specified roles, or sets. 3. Select Application Policies > User Settings. 4. Set Set browser extension version (default latest version) to the release version you want to restrict your users to, then click Save. Applications User Guide 17

Users are only prompted to update the Centrify Browser Extension if their version is older than the version you specify in the policy. Note Installing previous versions of the browser extension is not supported. If you stop restricting users to an older version of the browser extension and permit them to install newer versions, the older version will be removed from the Set browser extension version list. The Centrify browser extension 18

Possible next steps You might be interested in the following scenarios: How to configure Mobile Device Management or single sign-on only How to enroll devices How to install a Centrify Connector How to configure Integrated Windows authentication How to configure browsers for silent authentication How to create a policy set and assign it to users How to define authentication requirements How to configure and deploy applications to users How to configure user self-service options Applications User Guide 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback