Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-8453: What computer account attributes are managed by Centrify at join time and on an ongoing basis?

Centrify DirectControl ,  

30 March,17 at 03:28 PM

Applies to:
All version of DirectControl

Question:
What computer account attributes are managed by Centrify at join time and on an ongoing basis?

Answer:
On an ongoing basis, Centrify does the following:
(1) monitors the computer account password and, every 28 days, adclient will try to change it.
(2) on adclient start up, and at intervals, adclient will update the following computer objects:
  • operatingSystem
  • operatingSystemVersion
  • operatingSystemServicePack
  • postalAddress
(3) There is one additional attribute that is consistently monitored:
  • msds-SupportedEncryptionType
This will be updated when the Domain Functional Level is raised from Windows Server 2003 to Windows Server 2008 and up. Its function is to  to add or enable AES128 and AES256 support.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.

Related Articles

No related Articles