Set Sync Mapped Users
Synchronize the Active Directory password for local mapped users. When you enable this policy for a mapped user, if the user changes their Linux, UNIX, or Mac OS X password with the passwd command, or with a similar command, PAM changes the password to match in the local Linux, UNIX, or Mac OS X account. In this way, if there are problems with the network, Active Directory, or adclient, local users can still log into the machine.
This policy has no effect on Mac OS X computers.
To log in as a local user, append @localhost to the username. For example, log on as:
root@localhost
After enabling this policy, click Browse to search for users to add.
For this policy to work:
- The specified user must be a mapped user configured in
centrifydc.confwith thepam.mapuserparameter. - Either the Centrify or Microsoft password synchronization service must be installed on all domain controllers.
- The zone to which the machine belongs must be configured to support agentless clients.
- The Active Directory user to whom the local user is mapped must have a profile in the zone configured for agentless authentication.
This group policy modifies the pam.sync.mapuser setting in the agent configuration file.
