Allow Localhost Users

Specify user names that should be allowed to authenticate locally when logging in.

This group policy is used to ensure that an account mapped to an Active Directory user can still access a system locally if there are problems with the network, the Active Directory server, or the agent.

If you select Enabled for this group policy, the users you specify can log in locally by appending @localhost to the user name. For example, if you specify the root user, you would log in as root@localhost.

This group policy modifies the pam.allow.override setting in the agent configuration file.

This group policy and the pam.allow.override configuration parameter are not supported on AIX computers. There is no equivalent policy or parameter for controlling local access on AIX computers.

If you are using a Solaris machine with the Name Switch Cache Daemon (NSCD) running, you will not be able to log in as an override user using <username>@localhost.