Centrify

Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-5279: After upgrade to Adclient V5.2.2, AD User intermittently not able to log in

Authentication Service ,  

26 May,15 at 02:28 PM

Applies to: Centrify DirectControl Version 5.2.2-186 on All Unix/Linux Platform

Problem:
After upgrade to Adclient V5.2.2, AD User intermittently not able to log in to Centrify Linux server.
Performing an "adquery user <aduser>" shows users as "not a zone user." 
Login Issue will be temporary fixed by "adflush -a"

Cause:
DirectAuthorize cache was updated with incomplete LDAP page search result and caused users lost system login right.

Workaround:
For work around, we recommend setting up a cron job to re-flush adcache every 30 minutes

  1. crontab –e
    • The following entries will run adflush every 30 minutes
    • 30 * * * * adflush –a
  2. Save and exit the crontab

Resolution:
This issue has been fixed in Centrify Server Suite 2015 SP1 a.k.a DirectControl version 5.2.2-192 , please refer to KB-5278: How to install Centrify DirectControl Agent 5.2.2 SP1 for details.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

 articleKB-5278: How to install Centrify DirectControl Agent 5.2.2 SP1 articleKB-7555: Unable to login as root after upgrade to Centrify Suite 2016 (CDC 5.3.0) articleKB-20210: Common Questions Regarding Centrify DirectControl and CoreOS articleKB-6040: How to change the license type in use after adclient successful joined to the AD? articleKB-6041: How to show current license type in use by adclient articleKB-6038: How to specify the license type to use when joining the server to AD using adjoin? articleKB-6073: How to join the Linux/Unix Centrify Server to Active Directory with specific Computer Role? article[TIPS] A Centrify Server Suite Cheat Sheet articleKB-6056: How to report the group policy settings that are in effect for the local computer?