Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-5279: After upgrade to Adclient V5.2.2, AD User intermittently not able to log in

Authentication Service ,  

26 May,15 at 02:28 PM

Applies to: Centrify DirectControl Version 5.2.2-186 on All Unix/Linux Platform

After upgrade to Adclient V5.2.2, AD User intermittently not able to log in to Centrify Linux server.
Performing an "adquery user <aduser>" shows users as "not a zone user." 
Login Issue will be temporary fixed by "adflush -a"

DirectAuthorize cache was updated with incomplete LDAP page search result and caused users lost system login right.

For work around, we recommend setting up a cron job to re-flush adcache every 30 minutes

  1. crontab –e
    • The following entries will run adflush every 30 minutes
    • 30 * * * * adflush –a
  2. Save and exit the crontab

This issue has been fixed in Centrify Server Suite 2015 SP1 a.k.a DirectControl version 5.2.2-192 , please refer to KB-5278: How to install Centrify DirectControl Agent 5.2.2 SP1 for details.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.