Specify the credential providers to exclude from the logon screen

This policy setting allows the administrator to exclude the specified credential providers from use during logon.

If this policy is set to Enabled, an administrator can specify the CLSIDs of the credential providers to exclude from the set of installed credential providers available for logon purposes.

For example: Windows Password and Smartcard Credential Provider can be excluded from the login interface using the following string:

For Windows 8, Windows Server 2012 or above: {60b78e88-ead8-445c-9cfd-0b87f74ea6cd},{8FD7E19C-3BF7-489B-A72C-846AB3678C96}
For Windows 7, Windows Server 2008: {6f45dc1e-5384-457a-bc13-2cd81b0d28ed},{8bf9a910-a8ff-457f-999f-a5ca10b4a885}

The pre-filled value will exclude the Windows Password and Windows Live ID credential providers for all platforms:
{60b78e88-ead8-445c-9cfd-0b87f74ea6cd},{6f45dc1e-5384-457a-bc13-2cd81b0d28ed},{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}

To check for the list of installed credential providers, open up the registry and browse to following location:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers]

If this policy is disabled or not configured, only the Windows Password credential provider will be excluded by default.

Supported on:

Exclude the following credential providers. Enter the comma-separated CLSIDs for multiple credential providers to be excluded from use during logon.

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Centrify\DirectAuthorize\Agent
Value NameExcludedCredProviders
Value TypeREG_SZ
Default Value{60b78e88-ead8-445c-9cfd-0b87f74ea6cd},{6f45dc1e-5384-457a-bc13-2cd81b0d28ed},{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}

centrify_windows_settings.admx

Administrative Templates (Computers)

Administrative Templates (Users)