Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-10586: How to allow a non-admin user join machines to the zone

Authentication Service ,  

27 June,18 at 11:18 PM

The need may arise for allow a technician who is not an administrator to join a linux machine to a zone. This can be accomplished in a few simple steps and does not require the computer object to be precreated. However, the user who is performing these steps must have Domain Administrator permissions in Active Directory and must also be the owner of the zone that is being modified.

1) Open Centrify Access Manager, right-click the zone you would want to manage, then choose 'Properties'

2) Choose the General tab, then click 'Permissions'

User-added image

3) Check the groups listed at the top of this window and see if any of them have 'Read' checked.

User-added image

4) Add your technicians to this group (you can use an existing group or create your own, but make sure it has 'Read' permissions over the zone)

5) Next time a technician joins a machine that hasn't been precreated, have them run the join and specify the "-u" option and have them enter their AD username and password.

The syntax of the adjoin command would look something like this:
# adjoin <domain name> -z <zone name> -u <username>