Auto Zone domain prefix overrides

Specify a unique prefix for a trusted domain.

Centrify DirectControl Agent combines the prefix with the lower 22 bits of each user or group RID (relative identifier) to create unique UNIX user (UID) and group (GID) IDs for each user and group in the forest and in any two-way trusted forests.

Ordinarily, you do not need to set this policy because Centrify DirectControl Agent automatically generates the domain prefix from the user or group Security Identifier (SID). However, in a forest with a large number of domains, domain prefix conflicts are possible. When you join a machine to a domain, if Centrify DirectControl Agent detects any conflicting domain prefixes, the join fails with a warning message. You can then set a unique prefix for the conflicting domains.

To set this parameter, select Enabled, then click Add. Type a domain name and type a prefix or use the arrows to set a prefix number. The prefix must be in the range 0-511. Click OK to enter the prefix and domain. Add as many prefixes as you need, then click OK to close the group policy property page.

This group policy modifies the auto.schema.domain.prefix parameter in the DirectControl configuration file.

