Zone attributes in classic Centrify zones

The zone object class is stored as a container object. The common name (cn) of the object must be set to the zone name. Most of the other attributes for a zone are stored as pseudo‑attributes using the Active Directory description attribute. The following table summarizes how zone attributes are stored in Active Directory for Centrify zones.

Zone attribute Stored in Active Directory attribute

ZoneName

cn:ZoneName

For example:

cn:default

ZoneVersion

displayName:ZoneVersion

This attribute determines compatibility between a zone object and the Access Manager console. The valid values are:

  • $CimsZoneVersion2 for zones compatible with Centrify versions 2.x and 3.x
  • $CimsZoneVersion3 for RFC 2307 classic zones compatible with Centrify versions 2.x and 3.x
  • $CimsZoneVersion4 for classic zones compatible with Centrify, version 4.x
  • $CimsZoneVersion5 for hierarchical zones

For example:

displayName: $CimsZoneVersion5

Description

description:description:value

For example:

description:description:Pilot EMEA

NextUid

description:uidnext:value

For example:

description:uidnext:12098

NextGid

description:gidnext:value

For example:

description:gidnext:12098

ReservedUids

description:uidreserved:value

This attribute can be a multi-valued list, using a colon as the separator. Values can be individual numbers or a range of numbers separated with a dash character (‑).

For example:

description:uidreserved:0-99:501

ReservedGids

description:gidreserved:value

This attribute has the same format as the reserveduids attribute. For example:

description:gidreserved:1000-2500

Availableshells

description:availableshells:value

This attribute can be a multi-valued list of shell names, using a colon as the separator.

For example:

description:availableshells:/bin/sh

DefaultHomeDirectory

description:defaulthome:value

For example:

description:defaulthome:/nfs/${user}

DefaultShell

description:defaultshell:value

For example:

description:defaultshell:/bin/bash

DefaultGroup

description:defaultgid:value

For example:

description:defaultgid:12098

ZoneType

schema:Dynamic_Schema_Version

This attribute identifies the schema layout a zone object uses. The valid values are:

  • Dynamic_Schema_1_0 for Centrify, version 1.0, zones. This schema type is obsolete for version 2.x and later.
  • Dynamic_Schema_2_0 for classic Centrify zones, 2.x and 3.x compatible.
  • Dynamic_Schema_3_0 for classic Centrify zones, 3.x and 4.x compatible.
  • Dynamic_Schema_5_0 for hierarchical Centrify zones, 5.x compatible.
  • SFU_3_0 for SFU zones with the Microsoft Services for UNIX (SFU), version 3.x, schema extension.
  • SFU_4_0 for SFU zones with the Microsoft Services for UNIX (SFU), version 4.x, schema extension.
  • CDC_RFC_2307 for classic RFC 2307‑compliant zones, Centrify 2.x and 3.x compatible.
  • CDC_RFC_2307_2 for classic RFC 2307‑compliant zones, Centrify 4.x compatible.
  • CDC_RFC_2307_3 for hierarchical RFC 2307‑compliant zones, Centrify 5.x compatible.

For example:

description:schema:Dynamic_Schema_5_0