How and when to use command-line programs

UNIX command-line programs are installed by default when you install the Centrify UNIX agent. The commands are typically installed in one of the following directories:

/usr/sbin, /usr/bin

The Centrify agent includes a large number of command-line programs that enable you to perform a variety of administrative tasks directly from a UNIX shell or using a shell script. These command-line programs use the underlying adclient service library to perform important tasks on the computers you add to Active Directory domains. For example, there are commands that allow you to remove a computer from an Active Directory domain, change an Active Directory user’s password, and return detailed diagnostic information about the operations of a host computer.

You can use command-line programs interactively or in shell scripts when you must take action directly on a Centrify-managed computer, or when taking action from a managed computer is most convenient. For example, individual users can use a command-line program to change their Active Directory password from a login shell without logging on to a Windows computer.

Some command-line programs perform specific tasks that you will only use infrequently or under specific conditions. Other programs perform common administrative tasks that you are likely to use repeatedly.

The most commonly used programs include the following:

  • The adjoin command is the first command you use to add a local computer to an Active Directory domain.
  • The adinfo command display summary or detailed diagnostic and configuration information for a computer and its Active Directory domain.
  • The adpasswd command allows you to change an Active Directory account password from a Centrify-managed computer.
  • The adgpupdate command allows you to force group policies to be refreshed immediately.
  • The adleave command allows you to remove a managed computer from its current Active Directory domain or from the Active Directory forest entirely.