Centrify – Linux – Access denied – Can not locate any Centrify Connectors for MFA

[tiagotoledo]

Centrify – Linux – Access denied – Can not locate any Centrify Connectors for MFA

Link: http://tiagobigode.com.br/2018/10/31/ce ... s-for-mfa/

Ao configurar MFA para os usuários, eles não conseguem realizar login com mensagem de acesso negado. Executando o comando: /usr/share/centrifydc/bin/adcdiag identificamos o erro abaixo:

Verify that Centrify Connectors are configured correctly : Error : Can not locate any Centrify Connectors for MFA.

Please fix the connector issues according to the diagnostic : report.
CURCNTR : Verify that DirectControl has selected a workable Centrify : Connector : Error
: The Centrify Connector that DirectControl is using is not : working now.
: Please run “adflush -c” to update Centrify Connectors in : DirectControl. CLOUDROLE : Verify that this machine has permissions to perform Centrify
: Identity Platform authentication : Error
: Can not perform this checking because previous checking
: failed.
: Please fix the previous error first.
MFA checking failed with errors. MFA doesn’t work on this server. Please fix the issues according to fixing suggestions in each section.
For more diagnostic information, please check /var/centrify/tmp/adcdiagCheckingReport_20181031_091633.log.

Para resolver esse problema é preciso adicionar o certificado IwaTrustRoot.cer que fica disponível no portal. Baixar o certificado e colocar na pasta /var/centrify/net/certs