Enable this group policy to require smart card login.
When this policy is enabled, no users can log in to the machine simply with a username and password. Enable smart card support policy must also be enabled in order for this policy to take effect.
After you enable this policy, it does not go into effect until you join the computer to the domain (if not already joined) and reboot the computer.
Exception group are groups that are exempted from this option. Users in these groups can login using their AD username and password.
The machine must be in connected mode in order for any group membership changes to take effect immediately.
Note that "Smart card is required for interactive logon" should be disabled in user account setting in order for the exception group to work.
Note that this group policy depends on [Computer Configuation > Policies > Centrify Settings > Linux Settings > Security > Enable smart card support] group policy. If the "Enable smart card support" group poicy is not enabled, this group policy will be ignored.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\UnixSettings\Security\RHELSmartCardLoginForce |
Value Name | RHELSmartCardLoginForce |
Value Type | REG_SZ |
Enabled Value | true |
Disabled Value | false |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\UnixSettings\Security\RHELSmartCardLoginForce |
Value Name | RHELSmartCardLoginForce |
Value Type | REG_DWORD |
Default Value | * |