Centrify uses existing Active Directory attributes to store data. For example, most Centrify zones use Active Directory serviceConnectionPoint objects to store UNIX-specific data. The serviceConnectionPoint class is intended to hold information about services. The keywords attribute of the serviceConnectionPoint object holds name-value pairs that an Active Directory service can use to store its own attributes.
For example, if you were to use ldapsearch to filter the keywords attribute for a user’s serviceConnectionPoint class in a Centrify zone, you would see results similar to the following:
keywords: foreign:False keywords: gid:800 keywords: home:/home/jae keywords: parentLink:S-1-5-21-3619765212-102450798-26543 keywords: shell:/bin/bash keywords: uid:810 keywords: unixEnabled:True
Once you are familiar with the logical data model for Centrify objects, refer to the appropriate zone‑specific section for more detailed information about which Active Directory attributes are used to store data in a particular type of zone.