Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-6053: How to restrict adclient to only connect to DCs / GCs in specific site list?

Centrify DirectControl ,  

12 April,16 at 10:59 AM

Applies to:
Centrify DirectControl 5.2.3+ on all OS platform

Question:
How to restrict adclient to only connect to DCs / GCs in specific site list?
 
Answer:
Starting DirectControl 5.2.3, Centrify administrator can specify
a list of sites, and optionally a domain, to search for domain controllers and the global catalog if they are not found in the preferred site.

 Example usage:
1. Edit CentrifyDC.conf
2. 
adclient.lookup.sites: site1 [site2] [site3]...
Note:  You can use any legal Active Directory site name when you set this parameter. For example: adclient.lookup.sites USTEXAS USCALIFORNIA

3. Restart the adclient to take effect.
 

Centrify administrator can specify the preferred site in the adclient.preferred.site configuration parameter, and the preferred site is displayed when you execute the adinfo command.
The format for this parameter is: adclient.lookup.sites: site1 [site2] [site3]...
 
The agent performs the following steps whenever it attempts to connect to a DC or GC:
1. Discover the preferred site.
2. From DNS, get a list of DCs or GCs in the preferred site and attempt to connect to each one until a connection is successful or the list is exhausted.
3. If unable to connect to a DC or GC in the preferred site, try to connect to a DC or GC in any site.
 
By using this configuration parameter, you can restrict step 3 to a specific set of alternate sites to search for DCs or GCs. Run Active Directory Sites and Services to see a list of sites for your environment. Sites are searched in the list order that you specify.

 
 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.