Problem: In version 19.6 (5.6.0) of Centrify Infrastructure Services, there are improvements to the configuration option adclient.cloud.connector. In some situations this option is set, yet adclient fails to locate and use the wanted connector. Cause: Some 'keywords' attributes are missing or not valid from the service connection point of the connector.
Resolution: Open ADSI edit, locate the connector SCP object and confirm that the following keywords are in the attributes of this object with valid values. You can also run the following command as root on the machine having the issue to pull the list of SCP objects of the connectors from AD:
If the following keywords are missing or do not have valid values follow the steps below to correct the issue:
1a) If the connector is running with the default LocalSystem account, use the ADSI Edit tool to check the effective access granted to the machine account over the connectors SCP object and fix the permissions if needed. By default this is "Full Control". 1b) If the connector is running with a service account, use the ADSI Edit tool to check the effective access granted to the account over the connectors SCP object and fix the permissions if needed. At a minimum the permissions should allow the service account to update the attributes of the object. 2) Restart the connector after fixing the permission issue and confirm the keyword attributes now show up correctly.