Tips for finding Knowledge Articles
2 June,17 at 09:41 AM
Applies to: All version of Centrify DirectControl Question: How to configure Centrify in order to show Caller computer name from Windows Event Log? Workaround: Centrify supports marking the caller computer name when AD user trying to authenticate on Linux / UNIX machines. However, additional parameter has to be set in order to do that. The parameters that is needed to be set at /etc/centrifydc/centrify.conf are the following: adclient.krb5.send.netbios.name: trueadclient.krb5.use.addresses: true Please see the example below: Before setting the parameter, Caller computer name is show empty from the Windows Event log: AS_req packet has no address information as well: Once we have set the parameter on the machine’s config file, Caller computer name successfully show up on both Windows Event log and network trace: NOTE: If you would like to deploy this settings to multiple Linux/UNIX machines, you can utilize the following Group Policy to deploy the parameter: Computer configuration > Centrify Settings > DirectControl Settings > Add centrifydc.conf properties Please set:Property name: adclient.krb5.use.addressesProperty value: true Property name: adclient.krb5.send.netbios.nameProperty value: true After that, please run "adgpupdate" at the Linux/UNIX machines for immediate effect or wait for 90-120 minutes for the group policy to take effect.