DirectAuthorize Simplifies User Role Definition

By Frank Ohlhorst  |  Posted 2012-09-06 Print this article Print

DirectAuthorize brings additional granular control to administrators, especially those looking to use a roles-based administration paradigm. With DirectAuthorize, I was able to define roles for users, allowing me to assign users to particular zones and creating customized rights sets for users that were members of the roles. I found the roles-based administration capabilities were comprehensive, almost to the point of providing too much detail. Roles can also be applied to groups and other objects, which allowed me to create roles specifically meant for member Linux systems and also to create global rights for root- (or administrator-) level accounts.

DirectAudit is another key piece of the Centrify Suite 2012 Enterprise Edition puzzle. DirectAudit is primarily used to capture historical user activity. Simply put, DirectAudit records user activity, so that it can be reviewed at a later date. Using the DirectAudit auditor console, I was able to select sessions to view.

Recorded sessions are listed on the console and can be filtered, sorted or selected based upon a number of criteria, including dates, zones, groups, users and systems. Predefined queries help to keep sessions in order and I was able to create my own custom queries as well. The nice thing about DirectAudit is that it captures more than just a video of user activity.

The product also captures metadata, session activity and system events. That allowed me to filter the captured information even further. For example, I was able to quickly find Unix log-on events using filters and then just focus on what happened around those particular events. That proves to be a big time saver; I did not have to watch a complete video session to identify log-on or log-off events.

While Centrify does an excellent job in the user-management and rights-control consolidation game, it is not the only company out there than can get the job done. Quest Software offers Quest One Identity Suite, which is tuned more toward single sign-on and account management on homogeneous networks.

Fischer International is another player in the centralized user-management field, offering an identity-management suite that is designed to work with native directory systems and leverage the cloud as a service paradigm.

NetIQ is another player in the consolidated identity-management arena, offering both cloud-based and on-site systems that bring single-sign-on, user management and heterogeneity networking support into the management picture. Ensim Unify Enterprise Edition is another premise-based product that stitches directories together and unifies user management. Ensim Unify also offers support for smartphones and other devices as well, moving it into the bring your own device (BYOD) market, a critical new area that many identity-management vendors need to tackle.

Centrify aims to bring BYOD support to their products in the near future, which should transform the Centrify Suite into a one-stop solution for user and heterogeneous credential management.

Frank Ohlhorst Frank J. Ohlhorst is the Executive Technology Editor for eWeek Channel Insider and brings with him over 20 years of experience in the Information Technology field.He began his career as a network administrator and applications program in the private sector for two years before joining a computer consulting firm as a programmer analyst. In 1988 Frank founded a computer consulting company, which specialized in network design, implementation, and support, along with custom accounting applications developed in a variety of programming languages.In 1991, Frank took a position with the United States Department of Energy as a Network Manager for multiple DOE Area Offices with locations at Brookhaven National Laboratory (BNL), Princeton Plasma Physics Laboratory (PPL), Argonne National Laboratory (ANL), FermiLAB and the Ames Area Office (AMESAO). Frank's duties included managing the site networks, associated staff and the inter-network links between the area offices. He also served at the Computer Security Officer (CSO) for multiple DOE sites. Frank joined CMP Technology's Channel group in 1999 as a Technical Editor assigned to the CRN Test Center, within a year, Frank became the Senior Technical Editor, and was responsible for designing product testing methodologies, assigning product reviews, roundups and bakeoffs to the CRN Test Center staff.In 2003, Frank was named Technology Editor of CRN. In that capacity, he ensured that CRN maintained a clearer focus on technology and increased the integration of the Test Center's review content into both CRN's print and web properties. He also contributed to Netseminar's, hosted sessions at CMP's Xchange Channel trade shows and helped to develop new methods of content delivery, Such as CRN-TV.In September of 2004, Frank became the Director of the CRN Test Center and was charged with increasing the Test Center's contributions to CMP's Channel Web online presence and CMP's latest monthly publication, Digital Connect, a magazine geared towards the home integrator. He also continued to contribute to CMP's Netseminar series, Xchange events, industry conferences and CRN-TV.In January of 2007, CMP Launched CRNtech, a monthly publication focused on technology for the channel, with a mailed audience of 70,000 qualified readers. Frank was instrumental in the development and design of CRNTech and was the editorial director of the publication as well as its primary contributor. He also maintained the edit calendar, and hosted quarterly CRNTech Live events.In June 2007, Frank was named Senior Technology Analyst and became responsible for the technical focus and edit calendars of all the Channel Group's publications, including CRN, CRNTech, and VARBusiness, along with the Channel Group's specialized publications Solutions Inc., Government VAR, TechBuilder and various custom publications. Frank joined Ziff Davis Enterprise in September of 2007 and focuses on creating editorial content geared towards the purveyors of Information Technology products and services. Frank writes comparative reviews, channel analysis pieces and participates in many of Ziff Davis Enterprise's tradeshows and webinars. He has received several awards for his writing and editing, including back to back best review of the year awards, and a president's award for CRN-TV. Frank speaks at many industry conferences, is a contributor to several IT Books, holds several records for online hits and has several industry certifications, including Novell's CNE, Microsoft's MCP.Frank can be reached at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel