Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-6051: How to enforce "Logon Hours" setting on adclient?

Centrify DirectControl ,  

12 April,16 at 10:57 AM

Applies to:
Centrify DirectControl 5.2.3+ on all OS platform
 
Question:
How to enforce "Logon Hours" setting on adclient?
 
Answer:
Starting DirectControl 5.2.3, Centrify administrator can specify whether adclient will perform "Logon Hours" restriction check in addition to Active Directory.
 
Example usage:
1. Edit CentrifyDC.conf
2. adclient.logonhours.local.enforcement: This parameter specifies whether adclient will perform "Logon Hours" restriction check in addition to Active Directory. The default is true; otherwise only Active Directory will enforce the checking. Notice that Active Directory and all its client machines should have the same daylight saving time setting. 
3. Restart the adclient to take effect.

 
This configuration parameter determines whether the agent and Active Directory both check for user logon hour restrictions, or whether only Active Directory checks for logon hour restrictions. This parameter is useful in cases where users are in time zones that are different from the time zone that the agent is in.
 
When this parameter is set to true, the agent and Active Directory both check for local logon hour restrictions. If the agent and user are in different time zones, and one time zone recognizes Daylight Savings Time while the other does not, the user may not be able to logon during permissible hours.  

When this parameter is set to false, only Active Directory checks for local hour restrictions, so there is no Daylight Savings Time conflict with the agent.  Set this parameter to false if you have users that are not in the same time zone as the agent. 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.