Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-5279: After upgrade to Adclient V5.2.2, AD User intermittently not able to log in

Centrify DirectControl ,  

26 May,15 at 02:28 PM

Applies to: Centrify DirectControl Version 5.2.2-186 on All Unix/Linux Platform

Problem:
After upgrade to Adclient V5.2.2, AD User intermittently not able to log in to Centrify Linux server.
Performing an "adquery user <aduser>" shows users as "not a zone user." 
Login Issue will be temporary fixed by "adflush -a"

Cause:
DirectAuthorize cache was updated with incomplete LDAP page search result and caused users lost system login right.

Workaround:
For work around, we recommend setting up a cron job to re-flush adcache every 30 minutes

  1. crontab –e
    • The following entries will run adflush every 30 minutes
    • 30 * * * * adflush –a
  2. Save and exit the crontab

Resolution:
This issue has been fixed in Centrify Server Suite 2015 SP1 a.k.a DirectControl version 5.2.2-192 , please refer to KB-5278: How to install Centrify DirectControl Agent 5.2.2 SP1 for details.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.