Question:
Servers are defaulting to 1 GB for user level file descriptor (FD) limits.
How can the custom FD (file descriptor) limits for users be enforced or set without manually editing the /etc/security/limits.conf on each server?
Answer:
The limits.conf can be pushed out with a computer group policy:
1. Create a computer group policy at:
Computer Configuration -> Centrify Settings -> Common UNIX Settings -> Copy Files
a) Set limits.conf as Filename
b) Copy the custom limits.conf to \\yourDomain\SYSVOL\yourdomain\
c) Set /etc/security/ as the Destination
d) Set permissions to 0644, File UID to 0, and Owner UID to 0
2. Log onto the Linux host as root, run the command below and logout:
adgpupdate -T computer
3. Log on as an AD user in the same Linux host and the ulimit setting would be affected on a per user basis.
4. Turn off the GP setting once pushed, otherwise it will run every 90 minutes.