When the agent is not joined to a zone, use this group policy to specify a list of users who can log on without using multi-factor authentication if the machine runs into rescue mode or Windows Safe Mode.
The user name can be specified in any of the following formats:
- sAMAccountName
- [email protected]
(specify the domain if the account is not in the current domain)
- UPN
- * (this includes all AD users)
You can enter the list of users separated by comma, for example:
joe, janedoe, user1, [email protected]
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\DirectAuthorize\Agent |
Value Name | ZonelessRescueUsers |
Value Type | REG_SZ |
Default Value |