Enabling automatic editing for specific files

If you set the adclient.autoedit parameter to true, you can use the following parameters to identify the specific files to be automatically edited in different operating environments:

Use this parameter To do this
adclient.autoedit.nss

Specify whether you want to automatically edit the Name Service Switch configuration (nsswitch.conf) file on HP-UX, Solaris, and Linux computers. For example:

adclient.autoedit.nss: true

You can also use group policy to set this parameter.

adclient.autoedit.pam

Specify whether you want to automatically edit the PAM configuration (pam.conf file or pam.d directory) on AIX, HP-UX, Solaris, Mac OS X, and Linux computers. For example:

adclient.autoedit.pam: true

You can also use group policy to set this parameter.

adclient.autoedit.centrifypam

Specify whether to activate the Centrify authorization plug-in and add it to the authorization mechanism every time adclient starts. The default value is true. For example:

adclient.autoedit.centrifypam: true
adclient.autoedit.centrifypam.restart.securityagent

Specify whether to restart SecurityAgent after the authorization database is edited. The default value is true. For example:

adclient.autoedit.centrifypam.restart.securityagent: true

If this parameter is set to false, you must restart the SecurityAgent process or reboot the computer manually after the authorization database is edited. If you do not restart SecurityAgent or reboot, users might not be able to log in.

 

 

 

 

 

adclient.autoedit.nscd

Specify whether you want to disable automatic editing of the nscd passwd and group cache (nscd.conf) on Solaris and Linux computers.

By default, this parameter is set to false, which means automatic editing is disabled. Setting this parameter to true enables automatic editing.

It is recommended that you change the default setting and enable automatic editing of the nscd caches; doing so reduces NSS response time substantially for large volumes of repeated queries.

Note:   Some operating systems do not install nscd by default; be sure that nscd is installed before configuring this setting.

For example:

adclient.autoedit.nscd: false

You can also use group policy to set this parameter.

adclient.autoedit.methods

Specify whether you want to automatically edit the Loadable Authentication Module (LAM) methods.cfg configuration file on AIX computers. For example:

adclient.autoedit.methods: true

You can also use group policy to set this parameter.

adclient.autoedit.user

Specify whether you want to automatically edit the /etc/security/user file. The default value is true. For example:

adclient.autoedit.user: true

You can also use group policy to set this parameter.

adclient.autoedit.user.
root

Specify whether root login is controlled by the Centrify authentication mechanism. If this parameter is set to true, the root stanza 'SYSTEM = "compat"' in /etc/security/user will be commented out and root login must go through the Centrify authentication mechanism.

The default value is false (so that by default, root login does not go through the Centrify authentication mechanism). For example:

adclient.autoedit.user.root: false
adclient.autoedit.pwgrd

Specify whether you want to automatically edit the password and group hashing and caching daemon (pwgrd) on HP-UX computers. For example:

adclient.autoedit.pwgrd: true

You can also use group policy to set this parameter.

Note that if you make any changes to any adclient.autoedit.* parameter, you must restart the adclient process for the change to take effect. Restarting adclient is required whether you set the parameters manually in the configuration file or by enabling a group policy.

Related topics

Editing the NSS configuration manually

Editing the PAM configuration manually