Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-1381: How to force adclient to go into disconnected mode for testing purposes.

Centrify DirectControl ,  

12 April,16 at 11:45 AM

Applies to: All versions of Centrify DirectControl on all platforms

Question:
Is there any way to force adclient to go into disconnected mode for testing purposes?

Answer:
For Centrify DirectControl version 4.4.2 and below:

Set in /etc/centrifydc/centrifydc.conf:

adclient.server.try.max: 0

Then restart adclient. This will stop adclient from trying to connect to any server and go into disconnected mode.

For Centrify DirectControl version 4.4.3 and above:

Set in /etc/centrifydc/centrifydc.conf:

dns.dc.<domain>: nosuchhost

Then restart adclient. This will stop adclient from trying to connect any server in that domain and will go to disconnected mode.

For example:

[root@RedHat Desktop]# adinfo
Local host name:   redhat
Joined to domain:  henry.cheung
Joined as:         redhat.henry.cheung
Pre-win2K name:    redhat
Current DC:        win-pufvvl4b9mr.henry.cheung
Preferred site:    testsite
Zone:              henry.cheung/Program Data/Centrify/Zones/SFU Zone
Last password set: 2013-07-17 04:04:27 EDT
CentrifyDC mode:   connected
Licensed Features: Enabled 

[root@RedHat Desktop]# vi /etc/centrifydc/centrifydc.conf   
(added "dns.dc.henry.cheung: nosuchhost") 

[root@RedHat Desktop]# cat /etc/centrifydc/centrifydc.conf | grep dns.dc.henry.cheung
dns.dc.henry.cheung: nosuchhost 

[root@RedHat Desktop]# adinfo
Local host name:   redhat
Joined to domain:  henry.cheung
Joined as:         redhat.henry.cheung
Pre-win2K name:    redhat
Current DC:        <unavailable>
Preferred site:    testsite
Zone:              henry.cheung/Program Data/Centrify/Zones/SFU Zone
CentrifyDC mode:   connected
Licensed Features: Enabled

[root@RedHat Desktop]# /usr/share/centrifydc/bin/centrifydc restart 
Centrify DirectControl restarted.

[root@RedHat Desktop]# adinfo
Local host name:   redhat
Joined to domain:  henry.cheung
Joined as:         redhat.henry.cheung
Pre-win2K name:    redhat
Current DC:        <unavailable>
Preferred site:    testsite
Zone:              henry.cheung/Program Data/Centrify/Zones/SFU Zone
CentrifyDC mode:   disconnected
Licensed Features: Enabled

Note:
adclient.server.try.max was depreciated since 4.4.3 and is resurrected in 5.1.0. However, this parameter has a different meaning in 5.1.0 and above. In Centrify DirectControl agent 5.1.0 and above, if adclient.server.try.max is set to 0, and adclient loses connection with the primary DC, before switching to Disconnected mode, adclient will try EVERY known DC inside the domain until it finds one to talk to. (instead of going into Disconnected mode immediately as in 4.4.2 or below. Please refer to the following KB for details:

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.