Applies to: All version of DirectControl on All platform
After setting adclient.cache.encrypt to true, AD users are unable to login offline with cached credentials when adclient restarted or machine rebooted.
Setting adclient.cache.encrypt to true, will encrypt all of the Active Directory data stored in the cache and more importantly the cache is flushed each time the Centrify DirectControl agent starts up. So if this feature is enabled either by manually setting adclient.cache.encrypt parameter in centrifydc.conf or via group policy the offline logins will get affected.
Set adclient.cache.encrypt to false and run adreload or disable the group policy in:
Computer Configuration > Centrify Settings > DirectControl Settings > Adclient Settings > Encrypt Adclient cahce data
and run adgpupdate.