Problem:

No or little space in /var directory prevents Active Directory users from logging into a Centrify-enabled machine.


Cause:

Lack of space or a full disk or directory may be caused by files in those directories getting too large, including the cache files used by Centrify DirectControl.

Resolution:

If this situation arises, Centrify recommends logging in as root and doing the following command: adflush ...This will flush the Centrify cache and make room in /var, and AD users should be able to log in. Centrify then recommends freeing or making additional space in the /var directory.

Note: If you are using a root account that is mapped to Active Directory for the zone that this machine is in, use "root@localhost" and your local root password to access the machine if you are unable to log in as any AD user.

If you are not using a root account that is mapped to Active Directory (i.e. root_default), please edit /etc/centrifydc/centrifydc.conf and comment out the line: pam.mapuser.root: root_$ZONE ...Which will continue to allow the local root account to have local access to the machine in this situation.