Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-2036: How to customize banner using Centrify GP when user logins using Centrify OpenSSH

Authentication Service ,  

12 April,16 at 11:07 AM

Applies to: All versions of Centrify DirectControl-enabled OpenSSH.

Question:
Is it possible to customize the "banner"  using Centrify GP when a Centrify user logins to a server using Centrify OpenSSH.

Answer:
Yes.  The steps are as follows.

1) You need to enable the Microsoft Group Policy under Active directory “Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Interactive logon: Message text for users attempting to log on". Customize the banner text here. 

2) Set banner path under Centrify Group Policies.

Use the SSH Settings group policies to manage different aspects of secure shell (ssh) authentication. The SSH Settings group policies are defined in the

centrify_unix_settings.xml administrative template. When you set SSH Settings group policies, parameters are set in the secure shell configuration file, /etc/centrifydc/ssh/sshd_config, not in the Centrify DirectControl configuration file.

Name of the GP is "Set Banner Path":

Identify a file on the UNIX machine to be sent to a remote user requesting authentication. Typically, the file contains a warning about authentication to provide legal protection to the company. This group policy modifies the ssh.Banner setting in the /etc/centrifydc/ssh/sshd_config file.

3) Wait for GPs to get executed.

4) Login using SSH and see if banner is displayed.

 

 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 articleKB-3925: How to add Centrify parameter to a group policy articleKB-7555: Unable to login as root after upgrade to Centrify Suite 2016 (CDC 5.3.0) articleKB-6041: How to show current license type in use by adclient articleKB-6040: How to change the license type in use after adclient successful joined to the AD? articleKB-6056: How to report the group policy settings that are in effect for the local computer? articleKB-6038: How to specify the license type to use when joining the server to AD using adjoin? articleKB-6073: How to join the Linux/Unix Centrify Server to Active Directory with specific Computer Role? articleKB-1994: How to authenticate Centrify users using SecurID tokens. articleKB-1387: How do I enable or disable Centrify SSH banner