KB-8453: What computer account attributes are managed by Centrify at join time and on an ongoing basis?

Tips for finding Knowledge Articles

- Enter just a few key words related to your question or problem
- Add Key words to refine your search as necessary
- Do not use punctuation
- Search is not case sensitive
- Avoid non-descriptive filler words like "how", "the", "what", etc.
- If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
- Minimum supported Internet Explorer version is IE9

No related Articles

Home >

KB-8453: What computer account attributes are managed by Centrify at join time and on an ongoing basis?

Product:

Centrify DirectControl ,

Published:

30 March,17 at 03:28 PM

Rating:

Applies to:
All version of DirectControl

Question:
What computer account attributes are managed by Centrify at join time and on an ongoing basis?

Answer:
On an ongoing basis, Centrify does the following:
(1) monitors the computer account password and, every 28 days, adclient will try to change it.
(2) on adclient start up, and at intervals, adclient will update the following computer objects:

operatingSystem
operatingSystemVersion
operatingSystemServicePack
postalAddress

(3) There is one additional attribute that is consistently monitored:

msds-SupportedEncryptionType

This will be updated when the Domain Functional Level is raised from Windows Server 2003 to Windows Server 2008 and up. Its function is to to add or enable AES128 and AES256 support.