user.ignore

This configuration parameter specifies one or more user names that you want to ignore for authentication and lookup requests in Active Directory. In most cases, you use this parameter to specify local user accounts that do not have a corresponding user account in Active Directory, but for which you want to audit session activity. You can specify the parameter value by typing individual user names, separated by spaces, or by using the file: keyword and a file location. For example, you can set the value using individual user name values like this:

user.ignore: tai carlos games gopher

You can also specify the user’s audit level by adding the value after the user names added to user.ignore. For example:

user.ignore: tai carlos:audit_if_possible

Alternatively, you can using the file: keyword and the sample user.ignore file that is installed with the Centrify agent. The sample user.ignore file ignores the most common default system accounts. For example:

user.ignore: file:/etc/centrifydc/user.ignore

If you edit the /etc/centrifydc/user.ignore file, be sure to run the adreload command after modifying the file to have the changes take effect.