What happens during the join operation

If the Centrify Agent can successfully connect to an Active Directory domain controller, it performs a series of key tasks to complete the join operation. For example, during the join operation, the adjoin program completes the following tasks:

  • Starts the Centrify Agent for *NIX adclient process.
  • Checks whether a computer account already exists for the local computer in Active Directory. It creates a new Active Directory computer account for the local computer, if needed.
  • Sets the password on the Active Directory computer account to a randomly-generated password. The password is encrypted and stored locally on the UNIX host to ensure that only the Centrify Agent has control of the account.
  • Updates the Kerberos service principal names used by the host computer, generating new a Kerberos configuration file and krb5.keytab entries, and generating new service keys for the host and http services.
  • Synchronizes the local computer’s time with Active Directory to ensure the timestamps for Kerberos tickets are accepted for authentication.