Specify the Active Directory users that require multi-factor authentication on Windows login when the agent is not joined to a zone.
The user name can be specified in any of the following formats:
- sAMAccountName
- [email protected]
(specify the domain if the account is not in the current domain)
- UPN
- * (this includes all AD users)
You can enter the list of users separated by comma, for example:
joe, janedoe, user1, [email protected]
By default no Active Directory user require multi-factor authentication.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\DirectAuthorize\Agent |
Value Name | ZonelessMfaUsers |
Value Type | REG_SZ |
Default Value |