Use of existing attributes

Centrify uses existing Active Directory attributes to store data. For example, most Centrify zones use Active Directory serviceConnectionPoint objects to store UNIX-specific data. The serviceConnectionPoint class is intended to hold information about services. The keywords attribute of the serviceConnectionPoint object holds name-value pairs that an Active Directory service can use to store its own attributes.

For example, if you were to use ldapsearch to filter the keywords attribute for a user’s serviceConnectionPoint class in a Centrify zone, you would see results similar to the following:

keywords: foreign:False
keywords: gid:800
keywords: home:/home/jae
keywords: parentLink:S-1-5-21-3619765212-102450798-26543
keywords: shell:/bin/bash
keywords: uid:810
keywords: unixEnabled:True

Once you are familiar with the logical data model for Centrify objects, refer to the appropriate zone‑specific section for more detailed information about which Active Directory attributes are used to store data in a particular type of zone.