Manage login filters

Specify the users and groups allowed to log in to the system.

There are two lists, one for user names and one for group names. These lists either specify the users and groups who are allowed to log in (in which case all other users and groups are denied), or the users and groups who are denied login access (in which case all others are allowed).

With this policy, you can explicitly list either:

- Users and groups who are allowed to log in (all other users and groups are denied)
- Users and groups who should be denied access (all others are allowed)

When you enable this policy, you can select either allow or deny option, then specify a list of user names, a list of group names, or both. You should specify samAccountName@domain_name as user or group name. Use a comma to separate entries.

Depending on your selections when you configure this group policy setting, the policy can modify any of the following configuration parameters in the Centrify DirectControl configuration file:

pam.allow.groups
pam.allow.users
pam.deny.groups
pam.deny.users


Supported on:
Run Commands

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\Login
Value Name{number}
Value TypeREG_DWORD
Default Value

centrifydc_settings.admx

Administrative Templates (Computers)

Administrative Templates (Users)