This configuration parameter specifies the characters in an Active Directory user or group name that are not allowed in UNIX, Linux or Mac OS X names. Each character in the name that matches the characters specified is replaced in the corresponding UNIX name by the character specified in auto.schema.substitute.chars.

Note:   Be sure to specify the replacement character in auto.schema.substitute.chars. Otherwise, the offending character is simply removed from the name, and you run the risk of duplicate UNIX names.

The default setting in centrifydc.conf for UNIX (HP-UX, Solaris, AIX) and Linux systems is the following: \t\n /\\><?|\"\'`[]{},:;~!@#$%^&*()=

The default setting in centrifydc.conf for Mac OS X systems is the following (space is omitted): \t\n/\\><?|\"\'`[]{},:;~!@#$%^&*()=

Run the adflush command after you change the value to flush the cache.