How to have a user in a zone but not allow access to the server?
Applies to: All versions of Centrify Direct Control
Question:
How to have a user in a zone but not allow access to the server?
Answer:
Assign the user to the predefined role called "Listed role", which is available by default in every zone. The Listed role makes a user profile visible in a zone but does not grant any type of access rights, PAM rights, or command rights. This is a specialized role that can be used when a user profile must exist for computers in a zone, but no local or remote access should be granted .
For more information about the predefined access right / role. please refer the Administrator’s Guide for Linux and UNIX. Section : Access rights defined in the UNIX Login role ( Page 115-118)