Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-1305: Cannot map root user (from adnisd) to NFS user maps with Microsoft NFS server

Auditing and Monitoring Service ,   Authentication Service ,   Mac & PC Management Service ,  

12 April,16 at 11:45 AM

Applies to: All versions of DirectControl with Microsoft NFS Server


After following the whitepaper on "Using DirectControl with Microsoft NFS Server", root users cannot be seen to map.


This is because adclient ignores users with UID 0, GID 0, the name root, and the groups wheel and root from Active Directory.


Before following the steps in the document, do the following:

- Edit /etc/centrifydc/user.ignore and comment out  "root".
- Edit /etc/centrifydc/group.ignore and comment out "root, wheel".
- Edit /etc/centrifydc/centrifydc.conf, un-comment and set the parameter

nss.squash.root: false

Then run adflush, adreload and restart adclient.