Salesforce

KB-1381: How to force adclient to go into disconnected mode for testing purposes.

Printable View
« Go Back

Information

 
TitleKB-1381: How to force adclient to go into disconnected mode for testing purposes.
URL NameKB-1381-How-to-force-adclient-to-go-into-disconnected-mode-for-testing-purposes
Knowledge Article TypeProblem / Resolution
Article TypeKnowledge
ArticleType 
ProductAuthentication Service
Component 
Version 
Tags
Internal Comments
Article Edits
Bug #28499
Solution ID1381
Knowledge Base Article Details

Applies to: All versions of Centrify DirectControl on all platforms

Question:
Is there any way to force adclient to go into disconnected mode for testing purposes?

Answer:
For Centrify DirectControl version 4.4.2 and below:

Set in /etc/centrifydc/centrifydc.conf:

adclient.server.try.max: 0

Then restart adclient. This will stop adclient from trying to connect to any server and go into disconnected mode.

For Centrify DirectControl version 4.4.3 and above:

Set in /etc/centrifydc/centrifydc.conf:

dns.dc.<domain>: nosuchhost

Then restart adclient. This will stop adclient from trying to connect any server in that domain and will go to disconnected mode.

For example:

[root@RedHat Desktop]# adinfo
Local host name:   redhat
Joined to domain:  henry.cheung
Joined as:         redhat.henry.cheung
Pre-win2K name:    redhat
Current DC:        win-pufvvl4b9mr.henry.cheung
Preferred site:    testsite
Zone:              henry.cheung/Program Data/Centrify/Zones/SFU Zone
Last password set: 2013-07-17 04:04:27 EDT
CentrifyDC mode:   connected
Licensed Features: Enabled 

[root@RedHat Desktop]# vi /etc/centrifydc/centrifydc.conf   
(added "dns.dc.henry.cheung: nosuchhost") 

[root@RedHat Desktop]# cat /etc/centrifydc/centrifydc.conf | grep dns.dc.henry.cheung
dns.dc.henry.cheung: nosuchhost 

[root@RedHat Desktop]# adinfo
Local host name:   redhat
Joined to domain:  henry.cheung
Joined as:         redhat.henry.cheung
Pre-win2K name:    redhat
Current DC:        <unavailable>
Preferred site:    testsite
Zone:              henry.cheung/Program Data/Centrify/Zones/SFU Zone
CentrifyDC mode:   connected
Licensed Features: Enabled

[root@RedHat Desktop]# /usr/share/centrifydc/bin/centrifydc restart 
Centrify DirectControl restarted.

[root@RedHat Desktop]# adinfo
Local host name:   redhat
Joined to domain:  henry.cheung
Joined as:         redhat.henry.cheung
Pre-win2K name:    redhat
Current DC:        <unavailable>
Preferred site:    testsite
Zone:              henry.cheung/Program Data/Centrify/Zones/SFU Zone
CentrifyDC mode:   disconnected
Licensed Features: Enabled

Note:
adclient.server.try.max was depreciated since 4.4.3 and is resurrected in 5.1.0. However, this parameter has a different meaning in 5.1.0 and above. In Centrify DirectControl agent 5.1.0 and above, if adclient.server.try.max is set to 0, and adclient loses connection with the primary DC, before switching to Disconnected mode, adclient will try EVERY known DC inside the domain until it finds one to talk to. (instead of going into Disconnected mode immediately as in 4.4.2 or below. Please refer to the following KB for details:

Created ByArticle Admin
Solution CreatorIan Lau
DraftNot Checked
LithiumId
Lithium_Board_Id
Lithium_View_Href
Tags 
Category 
ArticleImage
Known IssuesNot Checked
Powered by