Merge local group membership

Merge local group membership from the /etc/group file into the Centrify DirectControl group membership for groups that have the same name and GID.

For example, if Centrify DirectControl Agent retrieves the membership list of kwan, emily, and sam for the group profile with the group name performx1 and GID 92531 from Active Directory and there is also a local group named performx1 with the GID 92531 with users wilson and jae, the merged group would include all five members (kwan, emily, sam, wilson, jae).

By default, this group value is set to false to prevent unexpected results.

Be careful when enabling this policy, because it violates normal NSS behavior and, therefore, may have unexpected side effects. You should analyze your environment carefully, and determine that you can safely merge local and Active Directory group profiles before enabling this policy.

This group policy modifies the adclient.local.group.merge setting in the Centrify DirectControl configuration file.


Supported on:
Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings
Value Nameadclient.local.group.merge
Value TypeREG_SZ
Enabled Valuetrue
Disabled Valuefalse

Client alive interval (seconds):

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings
Value Nameadclient.local.group.merge
Value TypeREG_DWORD
Default Value0
Min Value0
Max Value

centrifydc_settings.admx

Administrative Templates (Computers)

Administrative Templates (Users)