Active Directory Authentication for Linux & UNIX

Centrally manages user IDs, authentication, security policies and configurations across UNIX, Linux and Windows.

Provides a single user login and password for all UNIX, Linux and Windows machines.

Easily installed, non-intrusive program that requires no system reboots.

Reduces administrative costs, improves security and simplifies compliance.

Microsoft® Active Directory® is widely deployed in enterprises where it provides centralized authentication, authorization, account access, policy enforcement, and infrastructure management. However, it does not support UNIX and Linux operating systems.

BeyondTrust PowerADvantage is an integrated authentication and configuration application that leverages a company’s investment in Active Directory by extending its attributes beyond the Windows operating environment to heterogeneous UNIX/Linux environments. PowerADvantage integrates UNIX and Linux hosts into Active Directory and provides functionality not supplied by Microsoft’s Services for UNIX program and thus extends the benefits of Active Directory in a manner that is quite compatible with the UNIX/Linux environment.

How PowerADvantage Works

PowerADvantage implements an agent on UNIX and Linux machines that communicates with Active Directory’s domain controllers. During the installation of the PowerADvantage agent, the UNIX/Linux host is joined to the domain and the host is configured to route authentication requests through the PowerADvantage agent. This allows the PowerADvantage agent to communicate with the Active Directory domain controllers to process authentication requests and access the Group Policy Objects used for configuration management.

After installation, the computer object for each UNIX/Linux host can be moved to different organizational units in the Active Directory hierarchy, changing which set of Group Policy Objects apply to that host. The PowerADvantage Context of each host can also be changed, which will immediately change the login configuration for all Active Directory-based users logging in to that host. Both of these changes can be performed without re- booting the host or re-starting the PowerADvantage agent. Additionally, the PowerADvantage agent is configured by Group Policy, so any changes in the configuration of the agents can be performed through Group Policy without the need to visit each individual host.

PowerADvantage Diagram - How PowerADvantage Works

PowerADvantage Key Features

PowerADvantage delivers a single, centralized management solution that reduces costs, administrative overhead and training requirements while helping organizations strengthen their corporate security policies, increasing productivity and simplifying compliance reporting requirements.

Cross-platform Single Sign-on (SSO) — PowerADvantage helps create a Single Sign-on environment where users can log in once with their user name and password to gain access to the resources of multiple software systems.
Simple Installation Process — Administrators can deploy PowerADvantage in a matter of minutes and without making any irreversible changes to the Active Directory schema. PowerADvantage’s simple agent installation process joins the host to the Active Directory and implements the unified login function, eliminating any complex, time consuming configuration changes. PowerADvantage does not create its own “classes” but instead re-uses existing Active Directory classes. All PowerADvantage data is stored in one Active Directory container. Additionally, PowerADvantage’s intelligent import wizard streamlines and simplifies the importing and mapping of your current UNIX/Linux user information directly into Active Directory.
Integration with PowerBroker — PowerADvantage integrates directly with PowerBroker—the industry’s most comprehensive solution for authorization and access control within heterogeneous UNIX/Linux IT environments. The combination of PowerADvantage and PowerBroker enhances security and compliance efforts by facilitating efficient management of both end-user and administrator account access from Active Directory while controlling access and tasks performed using the root account.
Automated Deployment of Configuration Settings — Using Group Policy, IT administrators can leverage Active Directory to establish secure, centrally-managed configuration services to UNIX and Linux hosts (as well as to the applications running on them). Using either custom-created administrative templates or those provided by PowerADvantage, administrators create configuration settings that are automatically stored in Active Directory. This facilitates the rapid automatic deployment and maintenance of configuration settings across a large number of hosts, greatly reducing administrative time and cost. Because these policies are reapplied to each host based on a pre-determined interval, any unapproved changes to the configuration items maintained by PowerADvantage will be reset back to the approved settings at the next policy refresh interval.
Flexible Administration - PowerADvantage is designed so that the product can be administered from either the GUI interface or the command line interface (CLI). For those UNIX/Linux administrators that are more comfortable working with the CLI, the product can be administered just as one would if working via the console.
Targeted Configuration Management — PowerADvantage’s configuration management capabilities leverage Active Directory’s organizational unit structure to deliver targeted configuration services to any number of individual hosts within the IT environment. This enables administrators to apply the configuration settings to selected hosts or applications. For example, the Web servers running an organization’s public Web site should be configured differently than the servers running the internal intranet. PowerADvantage facilitates the configuration of each group of servers differently. Additionally, customers can leverage Active Directory to establish a hierarchy of organizational units (with a specific host placed in the appropriate unit). The host will then inherit all the policies in the hierarchy above and PowerADvantage will resolve any conflicting items in the policy and determine the proper group of settings to apply to the individual host.
Leverages the Group Policy features of Active Directory — to provide secure, centrally-managed configuration services to UNIX and Linux hosts, and to the applications running on those hosts. Using either the Administrative Templates provided with PowerADvantage, or customer-created Administrative Templates, Administrators use the Active Directory Group Policy Object Editor to create configuration settings, which are stored in Active Directory. PowerADvantage compiles applicable policies into a Resultant Set of Policy (RSoP) result. The PowerADvantage RSoP Applicator scripts determine which settings should be applied to the host, and apply the correct set of configuration settings to the host or its applications.
Detailed Compliance Reports — PowerADvantage helps ensure that all activities performed on UNIX and Linux systems are written to the proper Active Directory logs. It produces audit reports required by Sarbanes-Oxley, PCI DSS and HIPAA, providing a comprehensive trail for auditors. This simplifies the compliance process and reduces overall audit costs, and it allows for the more rapid discovery of anomalies as part of a sound security posture.

Supported UNIX/Linux/Windows Platforms

Product README

Screenshots

Logon/Logoff Activity Report

User Properties

Failed Kerberos Activity

Site Map Contact Us Privacy Policy/ California Privacy Rights Home