Synchronize the Active Directory password for local mapped users. When you enable this policy for a mapped user, if the user changes their Linux, UNIX, or Mac OS X password with the
passwd command, or with a similar command, PAM changes the password to match in the local Linux, UNIX, or Mac OS X account. In this way, if there are problems with the network, Active Directory, or
adclient, local users can still log into the machine.
Note: This policy has no effect on Mac OS X computers.
To log in as a local user, append
@localhost to the username. For example, log on as:
After enabling this policy, click Browse to search for users to add.
For this policy to work:
- The specified user must be a mapped user configured in
- Either the Centrify or Microsoft password synchronization service must be installed on all domain controllers.
- The zone to which the machine belongs must be configured to support agentless clients.
- The Active Directory user to whom the local user is mapped must have a profile in the zone configured for agentless authentication.
This group policy modifies the
pam.sync.mapuser setting in the agent configuration file.