Enable/disable synchronization

Enable this group policy to manage mobile accounts.


- Create mobile account even if user does not have a network home directory

Create mobile account for AD user regardless a network home is available for the user. It mitigates the chance that blocking user login when the machine is not connected to AD network.

- Require confirmation before creating mobile account

If you want the user to decide whether to enable a mobile account at login, select this option.

If this option is selected, the user sees a confirmation when logging in. The user can click "Create Now" to create a local home folder and enable the mobile account, click "Don't Create" to log in as a network user without enabling the mobile account, or click "Cancel Login" to return to the login window.


Once enabled, this group policy takes effect when users log out and back in.

FileVault protection will only take effect when a new mobile user is being created during login. This group policy will not transform an existing mobile user home directory from unencrypted into encrypted.

Supported on:

Registry HiveHKEY_CURRENT_USER
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\MacMCX\Mobility
Value NameEnableSynchronization
Value TypeREG_SZ
Enabled Value1
Disabled Value0
Enable policy:
Registry PathValue NameValue TypeValue
Software\Policies\Centrify\CentrifyDC\Settings\MacMCX\MobilitySetSyncModeREG_SZ1
Software\Policies\Centrify\CentrifyDC\Settings\MacMCX\MobilitysyncintervalREG_SZ20
Software\Policies\Centrify\CentrifyDC\Settings\MacMCX\MobilitysyncmodeREG_SZauto

Create mobile account even if user does not have a network home directory
Registry HiveHKEY_CURRENT_USER
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\MacMCX\Mobility
Value NameMobileAcctWithoutHome
Value TypeREG_SZ
Default Value0
True Value1
False Value0
Require confirmation before creating a mobile account
Registry HiveHKEY_CURRENT_USER
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\MacMCX\Mobility
Value NameMacMCXSyncRequireConfirmation
Value TypeREG_SZ
Default Value1
True Value1
False Value0

--- FileVault protection ---

Encrypt contents with FileVault
Registry HiveHKEY_CURRENT_USER
Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\MacMCX\Mobility
Value NameEnableFileVault
Value TypeREG_SZ
Default Value0
True Value1
False Value0
Enable/disable synchronization


  1. Use computer master password, if available
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\MacMCX\Mobility
    Value NameRequireMasterPassword
    Value TypeREG_SZ
    Value0
  2. Require computer master password
    Registry HiveHKEY_CURRENT_USER
    Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\MacMCX\Mobility
    Value NameRequireMasterPassword
    Value TypeREG_SZ
    Value1


centrify_mac_settings.admx

Administrative Templates (Computers)

Administrative Templates (Users)