Blacklist DNS DC hostnames

Specify the list of domain controllers that should be filtered out when resolving the domain controller to contact through DNS.

This policy enables you to prevent Centrify DirectControl Agent (adclient) from attempting to contact domain controllers that are known to be inaccessible, for example, because they reside behind a firewall, or domain controllers that shouldn't be contacted, for example, because of their physical location or because they are no longer valid domain controllers for the site.

DC hostname:
Fully qualified domain name of domain controller.

This group policy modifies the dns.block setting in the Centrify DirectControl configuration file.


Supported on:
Sync in the background:



Sync interval (minutes):

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\BlockDNS
Value Name
Value TypeREG_DWORD
Default Value20
Min Value0
Max Value
Show status in menu bar
Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\BlockDNS
Value Name
Value TypeREG_DWORD
Default Value1
True Value1
False Value0

centrifydc_settings.admx

Administrative Templates (Computers)

Administrative Templates (Users)