Applies to: Centrify Server Suite 2016 and later (DirectControl 5.3.0+).
Problem: The
admanagelocal command does not reload local user information after updating local user attributes through AD Users and Computers or ADSI Edit.
[root@centos67 ~]# admanagelocal -u -l all
TestLocaluser1:x:55555:55555:Test Local:/home/testlocaluser1:/bin/bash:enabled
[root@centos67 ~]# admanagelocal -R
[root@centos67 ~]# admanagelocal -u -l all
TestLocaluser1:x:55555:55555:Test Local:/home/testlocaluser1:/bin/bash:enabled
Cause: The
admanagelocal -R option checks the local user's container's time stamp for changes. If the time stamp is the same as that of cache, it uses cached data instead.
When a field is edited through ADUC or ADSI Edit, the container's time stamp is unchanged. Because of this, admanagelocal uses cached data.
Resolution: Please use Access Manager or adedit to update local users' information.
'
admangelocal -R -p -f' can also be used to force it to read from AD.
For example:
[root@centos67 ~]# admanagelocal -u -l all
TestLocaluser1:x:55555:55556:Test Local:/home/testlocaluser1:/bin/bash:enabled
[root@centos67 ~]# admanagelocal -R -p -f
[root@centos67 ~]# admanagelocal -u -l all
TestLocaluser1:x:88888:88888:Test Local:/home/testlocaluser1:/bin/bash:enabled