Set Sync Mapped Users

Synchronize the Active Directory password for local mapped users. When you enable this policy for a mapped user, if the user changes their Linux, UNIX, or Mac OS X password with the passwd command, or with a similar command, PAM changes the password to match in the local Linux, UNIX, or Mac OS X account. In this way, if there are problems with the network, Active Directory, or adclient, local users can still log into the machine.

This policy has no effect on Mac OS X computers.

To log in as a local user, append @localhost to the username. For example, log on as:

root@localhost

After enabling this policy, click Browse to search for users to add.

For this policy to work:

The specified user must be a mapped user configured in centrifydc.conf with the pam.mapuser parameter.
Either the Centrify or Microsoft password synchronization service must be installed on all domain controllers.
The zone to which the machine belongs must be configured to support agentless clients.
The Active Directory user to whom the local user is mapped must have a profile in the zone configured for agentless authentication.

This group policy modifies the pam.sync.mapuser setting in the agent configuration file.