Centrify enables AD-based authentication for Macs

* Centrify aims to make letting Macs into your networks easier to swallow

What would it take to get you to add a couple of Macintoshes to your network? What, you say you already have some but it's not something you like to talk about? Do you have management problems with them? Well, now there's a new tool - or, rather, a new twist on an old tool - that should make integrating those Macs on your network as full-fledged members just a little bit easier.

Sure, you can install Microsoft's Services for Macintosh (SFM) to provide basic file and print services to the Apple platform. But that's not really fully participating in the network, is it?

If OS X is running on the Mac, you can provide an account for the user who can log in directly from the Mac desktop and get access to file shares. The user still must log in to each resource and isn't integrated with Active Directory, but can get to file shares a lot more quickly than with SFM. As an added bonus, OS X can be configured to show up in a workgroup and share files with the Windows-based machines as well.

But you'd really like to have more, wouldn't you?

How about full Active Directory control? How about group policies for those Mac users? Wouldn't that be great? Well, now you can.

The latest version of Centrify's DirectControl suite enables Active Directory-based authentication and access control for Mac systems and is the first and only product that enables IT managers to centrally secure and configure Mac systems through Active Directory Group Policy. You get to strengthen security by establishing a single point of administration - Active Directory. And end users gain single sign-on to their Macs through their Active Directory account. Sounds like a win-win situation.

See the product page at Centrify's Web site for the full list of DirectControl's benefits for IT managers, but to whet your appetite, consider these:

* DirectControl's Zone technology enables you to allow users to log on only to the Mac systems they really need to access.

* You can delegate administration of Mac systems to individuals without giving them privileges on any other systems.

* It enables offline login to Mac laptops with cached credentials (similar to Windows XP) without creating an account on the local computer.

* You can centrally control the following configuration features that previously had to be managed - if it was possible at all - at each local computer: transparent single sign-on to Windows files shares, home directory auto-mounts to Windows file shares, and assignment of UIDs and the groups and their GIDs that are used to assign and control access for file permissions consistency.

If you have Macs on your network, or if you've been scrambling to resist their entry into your network, you need to look closely at the new version of DirectControl. It's not often you can both improve security while improving ease of use for some users, but this product will let you do just that.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Take IDG’s 2020 IT Salary Survey: You’ll provide important data and have a chance to win $500.