Configuring Authentication for All Conditions

You can require users to always authenticate, regardless of connection factors
or conditions. For example, if you create an authentication profile with only
the password mechanism selected and assign it to the Default Profile option,
then all users (regardless of the log in computer’s IP address and browser
identity cookie) will be asked to enter passwords.

To configure authentication for all conditions:

1. Log in to Admin Portal.

2. Click Access > Policies and select the policy you want to edit or click
   Add Policy Set to create a new one.

3. Click Authentication Policies > Centrify Services.

4. Select Yes in the Enable authentication policy controls drop-down.

5. Select the authentication profile you want applied in the Default
   Profile drop down.

• The authentication profile is where you define the authentication methods.
  If you have not created the necessary authentication profile, select Add New Profile at the bottom of the drop-down list. See Preparing Authentication Profiles.

• If you have authentication rules configured, then those rules are processed
  first and users that do not fall under those rules will be processed using
  the authentication profile selected in the Default Profile.

• If you have no authentication rules configured and you select Not Allowed in the Default Profile dropdown, users will not be able to log in to the service.

6. Click Save.