Force password salt lookup from KDC
Force Centrify DirectControl Agent to look up the complete principal name, including the Kerberos realm used as the key salt, from the KDC.
Enabling this policy is only required if you remove arcfour-hmac-md5 from the list of encryption types specified for the adclient.krb5.tkt.encryption.types parameter in the Centrify DirectControl configuration file and if you change a userPrincipalName attribute in Active Directory without changing the user's password.
Enabling this policy may cause "pre-auth required" warning messages to appear in the Active Directory event log.
This group policy modifies the adclient.force.salt.lookup setting in the Centrify DirectControl configuration file.
Supported on:
| Registry Hive | HKEY_LOCAL_MACHINE |
| Registry Path | Software\Policies\Centrify\CentrifyDC\Settings\Adclient |
| Value Name | adclient.force.salt.lookup |
| Value Type | REG_SZ |
| Enabled Value | true |
| Disabled Value | false |
Skip items whose name contains
| Registry Hive | HKEY_LOCAL_MACHINE |
| Registry Path | Software\Policies\Centrify\CentrifyDC\Settings\Adclient |
| Value Name | {number} |
| Value Type | REG_DWORD |
| Default Value |
centrifydc_settings.admx
- Centrify Audit Trail Settings
- Set audit trail targets for category "Audit Analyzer"
- Set audit trail targets for category "Audit Manager"
- Set audit trail targets for category "Centrify Commands"
- Set audit trail targets for category "Centrify Configuration"
- Set audit trail targets for category "Centrify sshd"
- Set audit trail targets for category "Command"
- Set audit trail targets for category "DirectAudit - Windows"
- Set audit trail targets for category "DirectAudit Advanced Monitoring"
- Set audit trail targets for category "DirectAudit System Management"
- Set audit trail targets for category "DirectAudit UNIX Agent"
- Set audit trail targets for category "DirectAuthorize - Windows"
- Set audit trail targets for category "DirectControl UNIX Agent"
- Set audit trail targets for category "dzdo"
- Set audit trail targets for category "dzinfo"
- Set audit trail targets for category "dzsh"
- Set audit trail targets for category "License Management"
- Set audit trail targets for category "Local Account Management"
- Set audit trail targets for category "MFA"
- Set audit trail targets for category "PAM"
- Set audit trail targets for category "Trusted Path"
- Set global audit trail targets
- Centrify Settings
- Common UNIX Settings
- DirectControl Settings
- Account Prevalidation
- Adclient Settings
- Add attributes to cached computer objects
- Add attributes to cached group objects
- Add attributes to cached user, group, and computer objects
- Add attributes to cached user objects
- Automatically manage system configuration files
- Auto Zone default shell
- Auto Zone domain prefix overrides
- Auto Zone home directory
- Auto Zone remote file service (Mac OS X)
- Configure /etc/nsswitch.conf (Solaris, HPUX, Linux)
- Configure /etc/security/user (AIX)
- Configure /etc/{pam.conf,pam.d}
- Configure /usr/lib/security/methods.cfg (AIX)
- Configure Directory Services (Mac OS X) (deprecated)
- Configure dump core setting
- Disable nscd group and passwd caching (Solaris, Linux)
- Disable pwgrd (HPUX)
- Enable Auto Zone user home directory (Mac OS X)
- Enable core dump cleanup
- Enable logon hours local enforcement
- Encrypt Adclient cache data
- Force password salt lookup from KDC
- Generate new uid/gid using Apple scheme in Auto Zone
- Map /home to /Users (Mac OS X)
- Run adclient on all processors
- Set a Centrify Connector in current forest to provide Centrify MFA authentication service
- Set cache cleanup interval
- Set maximum number of threads
- Set minimum number of threads
- Set the Centrify Connector refresh interval
- Set the maximum simultaneous Centrify MFA authentication requests allowed
- Set user's primary gid in Auto Zone
- Specify AD groups allowed in Auto Zone
- Specify AD users allowed in Auto Zone
- Specify groups of AD users allowed in Auto Zone
- Specify low disk space interval
- Specify low disk space warning level
- Use the legal Kerberos type for cache encryption
- Addns Settings
- Dzdo Settings
- Always add anchors to regex in dzdo and dzcmds
- Enable logging of valid command execution in dzdo
- Enable MFA for dzdo in classic zone
- Force dzdo re-authentication when relogin
- Force dzdo to set HOME environment variable
- Force dzdo to set HOME environment variable when runs with '-s' option
- Force per tty authentication in dzdo
- Prompt error message if command not found by dzdo
- Replace sudo by dzdo
- Require dzdo command validation check
- Require runas user for dzdo
- Set directory to store user timestamp by dzdo
- Set dzdo authentication timeout interval
- Set dzdo password prompt timeout interval
- Set dzdo validator
- Set environment variables to be preserved by dzdo
- Set environment variables to be removed by dzdo
- Set environment variables to be removed by dzdo with characters % or /
- Set error message when failed to authenticate in dzdo
- Set lecture shown by dzdo before password prompt
- Set password prompt for target user password in dzdo
- Set paths for command searching in dzdo
- Set secure paths for command execution in dzdo
- Show lecture by dzdo before password prompt
- Use realpath to canonicalize command paths in dzdo
- Group Policy Settings
- Kerberos Settings
- Allow PAM to create user Kerberos credential cache
- Allow weak encryption types for Kerberos authentication
- Disable Kerberos built-in ccselect plugins
- Enable Kerberos clients to correct time difference
- Force Kerberos to only use TCP
- Generate Kerberos version numbers for Windows 2000
- Generate the forwardable tickets
- Manage Kerberos configuration
- Renew credentials automatically
- Set configuration update interval
- Set credential renewal interval
- Set Kerberos UDP preference limit
- Set password change interval
- Specify credential cache type for AD users
- Specify groups to infinitely renew Kerberos credentials
- Specify maximum Kerberos credential cache lifetime
- Specify users to infinitely renew Kerberos credentials
- Use DNS to lookup KDC
- Use DNS to lookup realms
- Local Account Management
- Logging Settings
- Login Settings
- Allow localhost users
- Allow offline login when user account is locked out
- Enabled nss emergency shell
- Manage login filters
- Set minimum group ID (lookup)
- Set minimum user ID (lookup)
- Set sync mapped users
- Specify group names to ignore (lookup)
- Specify user names to ignore (lookup)
- Split large group membership
- MFA Settings
- Enable multi-factor authentication for autozone and classic zone
- Set background fetching interval for groups that require multi-factor authentication
- Specify AD groups that require multi-factor authentication
- Specify AD users that can login when multi-factor authentication is unavailable
- Specify AD users that require multi-factor authentication
- Specify Centrify Identity Platform URL for multi-factor authentication
- Network and Cache Settings
- Blacklist DNS DC hostnames
- Enable LDAP cross-forest search
- Enable user lookup and login by CN
- Enable user lookup and login by displayName
- Force DNS to rotate
- Force DNS to use TCP
- Force switching to different domain controller in the preferred site periodically
- Set cache negative life time
- Set DNS cache size (deprecated)
- Set DNS cache timeout (deprecated)
- Set DNS cache timeout
- Set DNS UDP buffer size
- Set domain DNS refresh interval (deprecated)
- Set GC expiration
- Set group object expiration
- Set idle client timeout
- Set LDAP connection timeout
- Set LDAP response timeout
- Set LDAP search timeout
- Set LDAP trust timeout
- Set LRPC2 receive timeout
- Set LRPC2 send timeout
- Set LRPC response timeout
- Set maximum server connection attempts
- Set object expiration
- Set refresh interval for access control cache
- Set UDP timeout
- Set user object expiration
- Specify DNS DC hostnames
- Specify DNS GC hostnames
- NIS Daemon Settings
- Set domain name for NIS daemon
- Set large group name length for NIS daemon
- Set large group suffix for NIS daemon
- Set maximum number of mapping files allowed for NIS daemon
- Set startup delay time for NIS daemon
- Set switch delay time for NIS daemon
- Set thread number for NIS daemon
- Specify allowed client machines for NIS daemon
- Specify allowed NIS mapping files for NIS daemon
- Specify disallowed NIS mapping files for NIS daemon
- Specify NIS daemon update interval
- NSS Overrides
- Pam Settings
- Create home directory
- Create k5login
- Set home directory permissions
- Set UID conflict message
- Set UID conflict resolution
- Set user name and UID conflict message
- Set user name conflict message
- Specify message for creating home directory
- Specify programs for which multi-factor authentication is ignored
- Password Prompts
- Set account disabled error message
- Set account expired error message
- Set account locked message for adpasswd
- Set adclient inaccessible message
- Set error message for empty password entered
- Set invalid user or password message for adpasswd
- Set lockout error message
- Set login password prompt
- Set message text for password change
- Set new password's mismatch error message for password change
- Set notification text for password change
- Set old password incorrect error message for password change
- Set password change disallowed message for adpasswd
- Set password expiry approaching text
- Set password prompt for confirming new password change
- Set password prompt for new password change
- Set password prompt for old password change
- Set permission denied message for adpasswd
- Set violation error message for password change
- Set workstation denied error message
- Sudo Settings
- User's Initial Group ID
- Add centrifydc.conf properties
- Maintain DirectControl 2.x compatibility
- Merge local group membership
- Prefer Authentication against cached credentials
- Set LDAP fetch count
- Set password cache
- Set user mapping
- Use FIPS compliant algorithms for encryption, hashing and signing
- Linux Settings
- Mac OS X Settings
- 802.1X Settings
- Accounts
- App Store Settings (Deprecated)
- Custom Settings
- Energy Saver
- On AC power
- Allow power button to sleep the computer
- Enable Power Nap while plugged into a power adapter
- Put the hard disk(s) to sleep when possible
- Restart automatically after a power failure
- Set computer sleep time
- Set display sleep time
- Wake for Ethernet network administrator access
- Wake when the modem detects a ring
- On battery power
- Allow power button to sleep the computer
- Enable Power Nap while on battery power
- Put the hard disk(s) to sleep when possible
- Restart automatically after a power failure
- Set computer sleep time
- Set display sleep time
- Slightly dim the display while on battery power
- Wake for Ethernet network administrator access
- Wake when the modem detects a ring
- Scheduled events
- On AC power
- Firewall
- Internet Sharing
- Network
- Legacy location settings
- Location1
- Location2
- Adjust multicast DNS timeout for .local domain
- Remote Management
- Scripts (LaunchDaemons)
- Scripts (Login/Logout)
- Security & Privacy
- FileVault 2
- Public Key Policies
- Auto Generate New Login Keychain
- Certificate validation method
- Disable automatic login
- Disable Location Services
- Disable smartcard UPN mapping
- Enable Gatekeeper
- Enable smart card support
- Enable smart card support for sudo
- Log out after number of minutes of inactivity
- Require password to unlock each secure system preference
- Require smart card login
- Use secure virtual memory (Deprecated)
- Services
- Software Update Settings
- Automatically check for software updates
- Legacy Settings
- Mac OS X 10.7 or below Settings
- Mac OS X 10.8 Settings
- Mac OS X 10.9 Settings
- Mac OS X 10.10 or above Settings
- Use version specific settings
- Software Update Server Settings
- Legacy Settings
- Mac OS X 10.5 Settings
- Mac OS X 10.6 Settings
- Mac OS X 10.7 Settings
- Mac OS X 10.8 Settings
- Mac OS X 10.9 Settings
- Mac OS X 10.10 or above Settings
- Use version specific settings
- Automatically check for software updates
- SSH Settings
- Add sshd_config properties
- Allow challenge-response authentication
- Allow groups
- Allow GSSAPI authentication
- Allow GSSAPI key exchange
- Allow users
- Deny groups
- Deny users
- Enable application rights
- Enable PAM authentication
- Enable Rlogin Control Sftp
- Enable SSO MFA
- Permit root login
- Set banner path
- Specify authorized keys file
- Specify ciphers allowed for protocol version 2
- Specify client alive interval
- Specify login grace period
- Specify log level
- Specify maximum client alive count
- Windows Settings
- Common Settings
- Disable the Centrify notification icon
- Prevent local administrators from being able to log on in rescue mode (when there are no explicit rescue users defined)
- Re-authentication: Require smart card
- Specify a list of rescue users (when the agent is not joined to a zone)
- Specify whether to keep the desktop notification message permanently visible
- MFA Settings
- Configure multi-factor authentication for logon when the agent cannot connect to the Platform
- Configure multi-factor authentication for privilege elevation when the agent cannot connect to the Platform
- Connect to the Centrify Identity Platform directly
- Disable multi-factor authentication for screen unlock
- Enable multi-factor authentication for Windows login (when the agent is not joined to a zone)
- Specify Active Directory users that require multi-factor authentication on Windows login (when the agent is not joined to a zone)
- Specify a web proxy URL (when the agent is not joined to a zone)
- Specify a web proxy URL
- Specify how frequently to check for responses to multi-factor authentication challenges
- Specify the Centrify connector URL to use
- Specify the credential providers to exclude from the logon screen
- Specify the Platform instance URL to use (when the agent is not joined to a zone)
- Specify the Platform instance URL to use
- Specify the timeout on skipping previously disconnected Centrify connectors
- Specify the timeout on using the last successfully connected Centrify connector first
- Common Settings
- Centrify Settings
- Common UNIX Settings
- Gnome 3 Settings
- apps
- geoclue
- indicator-session
- notify-osd
- seahorse
- telepathy-logger
- update-manager
- ca
- desrt
- dconf-editor
- desrt
- com
- canonical
- desktop
- interface
- friends
- indicator
- appmenu
- bluetooth
- datetime
- keyboard
- messages
- power
- sound
- unity-greeter
- unity-gtk-module
- unity
- dash
- decorations
- devices
- integrated-menus
- interface
- launcher
- lenses
- webapps
- double-click-activate
- form-factor
- home-expanded
- integrated-menus
- minimize-count
- minimize-fast-duration
- minimize-slow-duration
- minimize-speed-threshold
- webcredentials
- capture
- desktop
- ubuntu
- geoip
- sound
- touch
- network
- sound
- system
- update-notifier
- user-interface
- canonical
- desktop
- gnome
- gstreamer
- ibus
- unity
- lenses
- applications
- files
- runner
- lenses
- org
- cinnamon
- background
- cinnamon-session
- desklets
- launcher
- desktop
- a11y
- applications
- keyboard
- bouncekeys-beep-reject
- bouncekeys-delay
- bouncekeys-enable
- disable-timeout
- enable
- feature-state-change-beep
- mousekeys-accel-time
- mousekeys-enable
- mousekeys-init-delay
- mousekeys-max-speed
- slowkeys-beep-accept
- slowkeys-beep-press
- slowkeys-beep-reject
- slowkeys-delay
- slowkeys-enable
- stickykeys-enable
- stickykeys-modifier-beep
- stickykeys-two-key-off
- timeout-enable
- togglekeys-enable
- magnifier
- brightness-blue
- brightness-green
- brightness-red
- color-saturation
- contrast-blue
- contrast-green
- contrast-red
- cross-hairs-clip
- cross-hairs-color
- cross-hairs-length
- cross-hairs-opacity
- cross-hairs-thickness
- invert-lightness
- lens-mode
- mag-factor
- mouse-tracking
- screen-position
- scroll-at-edges
- show-cross-hairs
- mouse
- applications
- office
- calendar
- tasks
- terminal
- office
- background
- input-sources
- interface
- automatic-mnemonics
- buttons-have-icons
- can-change-accels
- clock-format
- clock-show-date
- clock-show-seconds
- cursor-blink-time
- cursor-blink-timeout
- cursor-blink
- cursor-size
- cursor-theme
- enable-animations
- font-name
- gtk-color-palette
- gtk-color-scheme
- gtk-im-module
- gtk-im-preedit-style
- gtk-im-status-style
- gtk-key-theme
- gtk-theme
- gtk-timeout-initial
- gtk-timeout-repeat
- icon-theme
- menubar-accel
- menubar-detachable
- menus-have-icons
- menus-have-tearoff
- show-input-method-menu
- show-unicode-menu
- text-scaling-factor
- toolbar-detachable
- toolbar-icons-size
- toolbar-style
- toolkit-accessibility
- lockdown
- media-handling
- screensaver
- session
- sound
- thumbnail-cache
- thumbnailers
- wm
- preferences
- action-double-click-titlebar
- action-middle-click-titlebar
- action-right-click-titlebar
- application-based
- audible-bell
- auto-raise-delay
- auto-raise
- button-layout
- disable-workarounds
- focus-mode
- focus-new-windows
- mouse-button-modifier
- num-workspaces
- raise-on-click
- resize-with-right-button
- theme
- titlebar-font
- titlebar-uses-system-font
- visual-bell-type
- visual-bell
- workspace-names
- preferences
- a11y
- keybindings
- keyboard
- muffin
- keybindings
- activate-window-menu
- begin-move
- begin-resize
- close
- cycle-group-backward
- cycle-group
- cycle-panels-backward
- cycle-panels
- cycle-windows-backward
- cycle-windows
- lower
- maximize-horizontally
- maximize-vertically
- maximize
- minimize
- move-to-center
- move-to-corner-ne
- move-to-corner-nw
- move-to-corner-se
- move-to-corner-sw
- move-to-side-e
- move-to-side-n
- move-to-side-s
- move-to-side-w
- move-to-workspace-1
- move-to-workspace-2
- move-to-workspace-3
- move-to-workspace-4
- move-to-workspace-5
- move-to-workspace-6
- move-to-workspace-7
- move-to-workspace-8
- move-to-workspace-9
- move-to-workspace-10
- move-to-workspace-11
- move-to-workspace-12
- move-to-workspace-down
- move-to-workspace-left
- move-to-workspace-right
- move-to-workspace-up
- panel-main-menu
- panel-run-dialog
- push-snap-down
- push-snap-left
- push-snap-right
- push-snap-up
- push-tile-down
- push-tile-left
- push-tile-right
- push-tile-up
- raise-or-lower
- raise
- set-spew-mark
- show-desktop
- switch-group-backward
- switch-group
- switch-panels-backward
- switch-panels
- switch-to-workspace-1
- switch-to-workspace-2
- switch-to-workspace-3
- switch-to-workspace-4
- switch-to-workspace-5
- switch-to-workspace-6
- switch-to-workspace-7
- switch-to-workspace-8
- switch-to-workspace-9
- switch-to-workspace-10
- switch-to-workspace-11
- switch-to-workspace-12
- switch-to-workspace-down
- switch-to-workspace-left
- switch-to-workspace-right
- switch-to-workspace-up
- switch-windows-backward
- switch-windows
- tab-popup-cancel
- tab-popup-select
- toggle-above
- toggle-fullscreen
- toggle-maximized
- toggle-on-all-workspaces
- toggle-recording
- toggle-shaded
- unmaximize
- attach-modal-dialogs
- button-layout
- draggable-border-width
- dynamic-workspaces
- edge-tiling
- invert-workspace-flip-direction
- legacy-snap
- live-hidden-windows
- no-tab-popup
- overlay-key
- placement-mode
- resize-threshold
- snap-modifier
- tile-hud-threshold
- tile-maximize
- workspace-cycle
- workspaces-only-on-primary
- keybindings
- power
- recorder
- screensaver
- settings-daemon
- peripherals
- input-devices
- keyboard
- mouse
- smartcard
- touchpad
- touchscreen
- plugins
- a11y-keyboard
- a11y-settings
- clipboard
- color
- cursor
- font
- housekeeping
- keyboard
- media-keys
- active
- area-screenshot-clip
- area-screenshot
- calculator
- decrease-text-size
- eject
- help
- home
- increase-text-size
- logout
- magnifier-zoom-in
- magnifier-zoom-out
- magnifier
- media
- next
- on-screen-keyboard
- pause
- play
- previous
- priority
- screenreader
- screensaver
- screenshot-clip
- screenshot
- search
- stop
- switch-input-source-backward
- switch-input-source
- terminal
- toggle-contrast
- volume-down
- volume-mute
- volume-up
- window-screenshot-clip
- window-screenshot
- www
- mouse
- orientation
- power
- active
- button-hibernate
- button-power
- button-sleep
- button-suspend
- critical-battery-action
- idle-brightness
- idle-dim-ac
- idle-dim-battery
- idle-dim-time
- lid-close-ac-action
- lid-close-battery-action
- lid-close-suspend-with-external-monitor
- lock-on-suspend
- percentage-action
- percentage-critical
- percentage-low
- priority
- sleep-display-ac
- sleep-display-battery
- sleep-inactive-ac-timeout
- sleep-inactive-ac-type
- sleep-inactive-battery-timeout
- sleep-inactive-battery-type
- time-action
- time-critical
- time-low
- use-time-for-policy
- print-notifications
- screensaver-proxy
- smartcard
- sound
- xrandr
- xsettings
- peripherals
- sounds
- system
- locale
- theme
- alttab-switcher-enforce-primary-monitor
- alttab-switcher-style
- bring-windows-to-current-workspace
- cinnamon-settings-advanced
- command-history
- date-format
- desklet-decorations
- desklet-snap-interval
- desklet-snap
- desktop-effects-close-effect
- desktop-effects-close-time
- desktop-effects-close-transition
- desktop-effects-map-effect
- desktop-effects-map-time
- desktop-effects-map-transition
- desktop-effects-maximize-effect
- desktop-effects-maximize-time
- desktop-effects-maximize-transition
- desktop-effects-minimize-effect
- desktop-effects-minimize-time
- desktop-effects-minimize-transition
- desktop-effects-on-dialogs
- desktop-effects-tile-effect
- desktop-effects-tile-time
- desktop-effects-tile-transition
- desktop-effects-unmaximize-effect
- desktop-effects-unmaximize-time
- desktop-effects-unmaximize-transition
- desktop-effects
- desktop-layout
- development-tools
- disabled-open-search-providers
- display-notifications
- dnd-drag-threshold
- edge-flip-delay
- enable-app-monitoring
- enable-edge-flip
- enable-looking-glass-logs
- enable-vfade
- enabled-applets
- enabled-desklets
- enabled-extensions
- favorite-apps
- hide-snap-osd
- looking-glass-history
- next-applet-id
- next-desklet-id
- number-workspaces
- overview-corner
- panel-autohide
- panel-bottom-height
- panel-edit-mode
- panel-hide-delay
- panel-launchers-draggable
- panel-launchers
- panel-resizable
- panel-scale-text-icons
- panel-show-delay
- panel-top-height
- panel2-autohide
- panel2-hide-delay
- panel2-show-delay
- run-dialog-show-completions
- saved-im-presence
- saved-session-presence
- window-list-applet-alert
- window-list-applet-scroll
- workspace-expo-view-as-grid
- workspace-name-overrides
- workspace-osd-duration
- workspace-osd-visible
- workspace-osd-x
- workspace-osd-y
- compiz
- gwd
- integrated
- command-1
- command-2
- command-3
- command-4
- command-5
- command-6
- command-7
- command-8
- command-9
- command-10
- command-11
- command-12
- command-21
- command-screenshot
- command-window-screenshot
- display-all-workspaces
- run-command-1
- run-command-2
- run-command-3
- run-command-4
- run-command-5
- run-command-6
- run-command-7
- run-command-8
- run-command-9
- run-command-10
- run-command-11
- run-command-12
- run-command-21
- show-hud
- current-profile
- existing-profiles
- fedoraproject
- FirewallConfig
- freedesktop
- color-helper
- folks
- tracker
- db
- extract
- fts
- miner
- files
- crawling-interval
- enable-monitors
- enable-writeback
- ignored-directories-with-content
- ignored-directories
- ignored-files
- index-on-battery-first-time
- index-on-battery
- index-optical-discs
- index-recursive-directories
- index-removable-devices
- index-single-directories
- initial-sleep
- low-disk-space-limit
- removable-days-threshold
- sched-idle
- throttle
- verbosity
- files
- store
- writeback
- gnome
- baobab
- preferences
- ui
- bijiben
- Bluetooth
- sendto
- boxes
- brasero
- calculator
- caribou
- charmap
- window-state
- font
- group-by
- last-char
- snap-cols-pow2
- cheese
- clocks
- state
- alarms
- geolocation
- timer
- world-clocks
- Contacts
- deja-dup
- desktop
- a11y
- applications
- keyboard
- bouncekeys-beep-reject
- bouncekeys-delay
- bouncekeys-enable
- disable-timeout
- enable
- feature-state-change-beep
- mousekeys-accel-time
- mousekeys-enable
- mousekeys-init-delay
- mousekeys-max-speed
- slowkeys-beep-accept
- slowkeys-beep-press
- slowkeys-beep-reject
- slowkeys-delay
- slowkeys-enable
- stickykeys-enable
- stickykeys-modifier-beep
- stickykeys-two-key-off
- timeout-enable
- togglekeys-enable
- magnifier
- brightness-blue
- brightness-green
- brightness-red
- caret-tracking
- color-saturation
- contrast-blue
- contrast-green
- contrast-red
- cross-hairs-clip
- cross-hairs-color
- cross-hairs-length
- cross-hairs-opacity
- cross-hairs-thickness
- focus-tracking
- invert-lightness
- lens-mode
- mag-factor
- mouse-tracking
- screen-position
- scroll-at-edges
- show-cross-hairs
- mouse
- mouse
- always-show-universal-access-status
- applications
- office
- calendar
- tasks
- terminal
- office
- background
- datetime
- file-sharing
- input-sources
- interface
- automatic-mnemonics
- buttons-have-icons
- can-change-accels
- clock-format
- clock-show-date
- clock-show-seconds
- cursor-blink-time
- cursor-blink-timeout
- cursor-blink
- cursor-size
- cursor-theme
- document-font-name
- enable-animations
- font-name
- gtk-color-palette
- gtk-color-scheme
- gtk-im-module
- gtk-im-preedit-style
- gtk-im-status-style
- gtk-key-theme
- gtk-theme
- gtk-timeout-initial
- gtk-timeout-repeat
- icon-theme
- menubar-accel
- menubar-detachable
- menus-have-icons
- menus-have-tearoff
- monospace-font-name
- scaling-factor
- show-input-method-menu
- show-unicode-menu
- text-scaling-factor
- toolbar-detachable
- toolbar-icons-size
- toolbar-style
- toolkit-accessibility
- ubuntu-overlay-scrollbars
- lockdown
- media-handling
- notifications
- privacy
- remote-access
- screensaver
- color-shading-type
- embedded-keyboard-command
- embedded-keyboard-enabled
- idle-activation-enabled
- lock-delay
- lock-enabled
- logout-command
- logout-delay
- logout-enabled
- picture-opacity
- picture-options
- picture-uri
- primary-color
- secondary-color
- show-full-name-in-top-bar
- show-notifications
- status-message-enabled
- ubuntu-lock-on-suspend
- user-switch-enabled
- search-providers
- session
- sound
- thumbnail-cache
- thumbnailers
- wm
- keybindings
- activate-window-menu
- begin-move
- begin-resize
- close
- cycle-group-backward
- cycle-group
- cycle-panels-backward
- cycle-panels
- cycle-windows-backward
- cycle-windows
- lower
- maximize-horizontally
- maximize-vertically
- maximize
- minimize
- move-to-center
- move-to-corner-ne
- move-to-corner-nw
- move-to-corner-se
- move-to-corner-sw
- move-to-side-e
- move-to-side-n
- move-to-side-s
- move-to-side-w
- move-to-workspace-1
- move-to-workspace-2
- move-to-workspace-3
- move-to-workspace-4
- move-to-workspace-5
- move-to-workspace-6
- move-to-workspace-7
- move-to-workspace-8
- move-to-workspace-9
- move-to-workspace-10
- move-to-workspace-11
- move-to-workspace-12
- move-to-workspace-down
- move-to-workspace-left
- move-to-workspace-right
- move-to-workspace-up
- panel-main-menu
- panel-run-dialog
- raise-or-lower
- raise
- set-spew-mark
- show-desktop
- switch-applications-backward
- switch-applications
- switch-group-backward
- switch-group
- switch-input-source-backward
- switch-input-source
- switch-panels-backward
- switch-panels
- switch-to-workspace-1
- switch-to-workspace-2
- switch-to-workspace-3
- switch-to-workspace-4
- switch-to-workspace-5
- switch-to-workspace-6
- switch-to-workspace-7
- switch-to-workspace-8
- switch-to-workspace-9
- switch-to-workspace-10
- switch-to-workspace-11
- switch-to-workspace-12
- switch-to-workspace-down
- switch-to-workspace-left
- switch-to-workspace-right
- switch-to-workspace-up
- switch-windows-backward
- switch-windows
- toggle-above
- toggle-fullscreen
- toggle-maximized
- toggle-on-all-workspaces
- toggle-shaded
- unmaximize
- preferences
- action-double-click-titlebar
- action-middle-click-titlebar
- action-right-click-titlebar
- application-based
- audible-bell
- auto-raise-delay
- auto-raise
- button-layout
- disable-workarounds
- focus-mode
- focus-new-windows
- mouse-button-modifier
- num-workspaces
- raise-on-click
- resize-with-right-button
- theme
- titlebar-font
- titlebar-uses-system-font
- visual-bell-type
- visual-bell
- workspace-names
- keybindings
- a11y
- dictionary
- Disks
- documents
- empathy
- call
- conversation
- hints
- location
- notifications
- sounds
- ui
- autoaway
- autoconnect
- file-transfer-default-folder
- sanity-cleaning-number
- use-conn(2)
- empathy
- eog
- fullscreen
- plugins
- ui
- view
- evince
- evolution-data-server
- addressbook
- calendar
- evolution
- addressbook
- bogofilter
- calendar
- audio-dir
- ba-reminder-interval
- ba-reminder-units
- compress-weekend
- confirm-delete
- confirm-purge
- date-navigator-pane-position
- day-end-hour
- day-end-minute
- day-second-zone
- day-second-zones-max
- day-second-zones
- day-start-hour
- day-start-minute
- default-reminder-interval
- default-reminder-units
- editor-show-categories
- editor-show-role
- editor-show-rsvp
- editor-show-status
- editor-show-timezone
- editor-show-type
- hide-completed-tasks-units
- hide-completed-tasks-value
- hide-completed-tasks
- hpane-position
- last-notification-time
- marcus-bains-color-dayview
- marcus-bains-color-timebar
- marcus-bains-line
- memo-hpane-position
- memo-layout
- memo-vpane-position
- month-hpane-position
- month-scroll-by-week
- notify-programs
- notify-with-tray
- prefer-new-item
- primary-calendar
- primary-memos
- primary-tasks
- publish-template
- recur-events-italic
- search-range-years
- show-event-end
- show-memo-preview
- show-task-preview
- show-week-numbers
- tag-vpane-position
- task-due-today-color
- task-due-today-highlight
- task-hpane-position
- task-layout
- task-overdue-color
- task-overdue-highlight
- task-vpane-position
- time-divisions
- timezone
- use-24hour-format
- use-ba-reminder
- use-default-reminder
- use-system-timezone
- week-start-day-name
- week-start-day
- work-day-friday
- work-day-monday
- work-day-saturday
- work-day-sunday
- work-day-thursday
- work-day-tuesday
- work-day-wednesday
- working-days
- importer
- mail
- address-compress
- address-count
- animate-images
- browser-close-on-reply-policy
- caret-mode
- charset
- citation-color
- composer-charset
- composer-current-folder
- composer-gallery-path
- composer-group-reply-to-list
- composer-ignore-list-reply-to
- composer-inline-spelling
- composer-localized-re
- composer-magic-links
- composer-magic-smileys
- composer-message-attribution
- composer-message-forward
- composer-message-original
- composer-no-signature-delim
- composer-outlook-filenames
- composer-reply-start-bottom
- composer-request-receipt
- composer-send-html
- composer-show-bcc
- composer-show-cc
- composer-show-post-from
- composer-show-post-reply-to
- composer-show-reply-to
- composer-sign-reply-if-signed
- composer-spell-color
- composer-spell-languages
- composer-top-signature
- default-account
- drag-and-drop-save-file-format
- enable-unmatched
- error-level
- error-timeout
- filters-log-actions
- filters-log-file
- flush-outbox
- forward-style-name
- forward-style
- global-view-setting
- headers-collapsed
- headers
- hpaned-size
- image-loading-policy
- junk-check-custom-header
- junk-check-incoming
- junk-custom-header
- junk-default-plugin
- junk-empty-date
- junk-empty-on-exit-days
- junk-empty-on-exit
- junk-lookup-addressbook-local-only
- junk-lookup-addressbook
- labels
- layout
- load-http-images
- magic-spacebar
- mark-citations
- mark-seen-timeout
- mark-seen
- monospace-font
- no-folder-dots
- paned-size
- paned-view-headers-state
- photo-local
- prompt-check-if-default-mailer
- prompt-on-delete-in-vfolder
- prompt-on-empty-subject
- prompt-on-empty-trash
- prompt-on-expunge
- prompt-on-folder-drop-copy
- prompt-on-folder-drop-move
- prompt-on-invalid-recip
- prompt-on-list-reply-to
- prompt-on-mark-all-read
- prompt-on-only-bcc
- prompt-on-open-many
- prompt-on-private-list-reply
- prompt-on-reply-close-browser
- prompt-on-reply-many-recips
- prompt-on-unwanted-html
- reply-style-name
- reply-style
- safe-list
- save-dir
- send-recv-all-on-start
- send-recv-on-start
- show-all-headers
- show-animated-images
- show-deleted
- show-email
- show-headers
- show-real-date
- show-sender-photo
- side-bar-ellipsize-mode
- side-bar-search
- sort-accounts-alpha
- sync-interval
- thread-expand
- thread-latest
- thread-subject
- trash-empty-date
- trash-empty-on-exit-days
- trash-empty-on-exit
- use-custom-font
- variable-width-font
- vertical-view-fonts
- plugin
- attachment-reminder
- autocontacts
- email-custom-header
- external-editor
- face-picture
- itip
- mail-notification
- prefer-plain
- publish-calendar
- templates
- shell
- shell
- spamassassin
- disabled-eplugins
- version
- evolution
- file-roller
- dialogs
- file-selector
- general
- listing
- ui
- gedit
- plugins
- externaltools
- filebrowser
- pythonconsole
- time
- active-plugins
- preferences
- editor
- auto-indent
- auto-save-interval
- auto-save
- bracket-matching
- create-backup-copy
- display-line-numbers
- display-right-margin
- editor-font
- ensure-trailing-newline
- highlight-current-line
- insert-spaces
- max-undo-actions
- restore-cursor-position
- right-margin-position
- scheme
- search-highlighting
- smart-home-end
- syntax-highlighting
- tabs-size
- undo-actions-limit
- use-default-font
- wrap-mode
- encodings
- ui
- editor
- state
- file-filter
- history-entry
- window
- plugins
- gnome-mahjongg
- gnome-screenshot
- gnome-session
- gnome-sudoku
- always-show-hints
- auto-save-interval
- bg-color
- difficulty
- generate-endlessly
- generate-for-target
- generate-target-easy
- generate-target-hard
- generate-target-medium
- generate-target-very-hard
- group-size
- height
- highlight
- mark-printed-as-played
- minimum-number-of-new-puzzles
- number-of-sudokus-to-generate
- print-already-played-games
- print-easy
- print-hard
- print-medium
- print-multiple-sudokus-to-print
- print-very-hard
- show-impossible-implications
- show-toolbar
- show-tracker
- sudokus-per-page
- width
- gnome-system-log
- gnome-system-monitor
- disktreenew
- memmapstree
- openfilestree
- proctree
- col-0-visible
- col-0-width
- col-1-visible
- col-1-width
- col-2-visible
- col-2-width
- col-3-visible
- col-3-width
- col-4-visible
- col-4-width
- col-5-visible
- col-5-width
- col-6-visible
- col-6-width
- col-7-visible
- col-7-width
- col-8-visible
- col-8-width
- col-9-visible
- col-9-width
- col-10-visible
- col-10-width
- col-11-visible
- col-11-width
- col-12-visible
- col-12-width
- col-13-visible
- col-13-width
- col-14-visible
- col-14-width
- col-15-visible
- col-15-width
- col-16-visible
- col-16-width
- col-17-visible
- col-17-width
- col-18-visible
- col-18-width
- col-19-visible
- col-19-width
- col-20-visible
- col-20-width
- col-21-visible
- col-21-width
- col-22-visible
- col-22-width
- columns-order
- sort-col
- sort-order
- cpu-colors
- cpu-stacked-area-chart
- current-tab
- disks-interval
- graph-update-interval
- height
- kill-dialog
- maximized
- mem-color
- net-in-color
- net-out-color
- network-in-bits
- show-all-fs
- show-dependencies
- show-tree
- show-whose-processes
- smooth-refresh
- solaris-mode
- swap-color
- update-interval
- view-as
- width
- window-state
- x-position
- y-position
- GWeather
- libgnomekbd
- desktop
- indicator
- keyboard
- preview
- login-screen
- maps
- metacity
- mines
- mutter
- nautilus
- desktop
- icon-view
- list-view
- preferences
- always-use-location-entry
- bulk-rename-tool
- click-policy
- confirm-trash
- default-folder-viewer
- default-sort-in-reverse-order
- default-sort-order
- enable-delete
- enable-interactive-search
- executable-text-activation
- install-mime-activation
- mouse-back-button
- mouse-forward-button
- mouse-use-extra-buttons
- show-directory-item-counts
- show-hidden-files
- show-image-thumbnails
- sort-directories-first
- tabs-open-position
- thumbnail-limit
- window-state
- NautilusSendto
- nm-applet
- packagekit
- autocomplete
- category-groups
- dbus-default-interaction
- dbus-enforced-interaction
- enable-autoremove
- enable-codec-helper
- enable-font-helper
- enable-mime-type-helper
- filter-arch
- filter-basename
- filter-newest
- filter-supported
- ignored-dbus-requests
- notify-mobile-connection
- only-newest
- repo-show-details
- scroll-active
- search-mode
- show-all-packages
- show-copy-confirm
- show-depends
- photos
- power-manager
- rhythmbox
- display-page-tree
- library
- player
- plugins
- iradio
- lyrics
- magnatune
- replaygain
- visualizer
- active-plugins
- no-user-plugins
- seen-plugins
- podcast
- rhythmdb
- sharing
- sources
- display-page-tree-height
- display-page-tree-visible
- follow-playing
- maximized
- paned-position
- position
- queue-as-sidebar
- right-paned-position
- show-album-art
- show-song-position-slider
- size
- statusbar-visible
- time-display
- settings-daemon
- peripherals
- input-devices
- keyboard
- mouse
- smartcard
- touchpad
- touchscreen
- plugins
- a11y-keyboard
- a11y-settings
- background
- clipboard
- color
- cursor
- datetime
- gdu-sd
- gsdwacom
- housekeeping
- keyboard
- media-keys
- active
- area-screenshot-clip
- area-screenshot
- calculator
- custom-keybindings
- decrease-text-size
- eject
- help
- home
- increase-text-size
- logout
- magnifier-zoom-in
- magnifier-zoom-out
- magnifier
- max-screencast-length
- media
- next
- on-screen-keyboard
- pause
- play
- previous
- priority
- screencast
- screenreader
- screensaver
- screenshot-clip
- screenshot
- search
- stop
- terminal
- toggle-contrast
- volume-down
- volume-mute
- volume-up
- window-screenshot-clip
- window-screenshot
- www
- mouse
- orientation
- power
- active
- button-hibernate
- button-power
- button-sleep
- button-suspend
- critical-battery-action
- idle-brightness
- idle-dim
- lid-close-ac-action
- lid-close-battery-action
- lid-close-suspend-with-external-monitor
- notify-perhaps-recall
- percentage-action
- percentage-critical
- percentage-low
- priority
- sleep-inactive-ac-timeout
- sleep-inactive-ac-type
- sleep-inactive-battery-timeout
- sleep-inactive-battery-type
- time-action
- time-critical
- time-low
- use-time-for-policy
- print-notifications
- remote-display
- rfkill
- screensaver-proxy
- smartcard
- sound
- updates
- xrandr
- xsettings
- whitelisted-plugins
- peripherals
- shell
- app-switcher
- calendar
- extensions
- classic-overrides
- window-list
- keybindings
- keyboard
- overrides
- recorder
- window-switcher
- always-show-log-out
- app-folder-categories
- app-picker-view
- command-history
- development-tools
- enable-app-monitoring
- enabled-extensions
- favorite-apps
- looking-glass-history
- remember-mount-password
- saved-im-presence
- saved-session-presence
- simple-scan
- sushi
- system
- dns-sd
- smb
- telepathy-account-widgets
- terminal
- Totem
- opensubtitles
- pythonconsole
- active-plugins
- audio-output-type
- auto-resize
- autoload-chapters
- autoload-subtitles
- brightness
- contrast
- debug
- disable-deinterlacing
- disable-keyboard-shortcuts
- disable-user-plugins
- hue
- lock-screensaver-on-audio
- network-buffer-threshold
- open-uri
- remember-position
- repeat
- saturation
- screenshot-save-uri
- show-visualizations
- shuffle
- subtitle-encoding
- subtitle-font
- visualization-name
- visualization-quality
- vinagre
- Weather
- Application
- yelp
- baobab
- gtk
- exampleapp
- settings
- nemo
- compact-view
- desktop
- icon-view
- list-view
- preferences
- always-use-browser
- bulk-rename-tool
- click-policy
- close-device-view-on-device-eject
- confirm-trash
- date-format
- default-folder-viewer
- default-sort-in-reverse-order
- default-sort-order
- desktop-is-home-dir
- disable-menu-warning
- enable-delete
- executable-text-activation
- ignore-view-metadata
- mouse-back-button
- mouse-forward-button
- mouse-use-extra-buttons
- show-advanced-permissions
- show-bookmarks-in-to-menus
- show-computer-icon-toolbar
- show-directory-item-counts
- show-edit-icon-toolbar
- show-full-path-titles
- show-hidden-files
- show-home-icon-toolbar
- show-icon-text
- show-image-thumbnails
- show-label-search-icon-toolbar
- show-location-entry
- show-places-in-to-menus
- show-reload-icon-toolbar
- show-search-icon-toolbar
- show-up-icon-toolbar
- size-prefixes
- sort-directories-first
- start-with-dual-pane
- swap-trash-delete
- tabs-open-position
- thumbnail-limit
- tooltips-in-icon-view
- tooltips-in-list-view
- tooltips-on-desktop
- tooltips-show-access-date
- tooltips-show-file-type
- tooltips-show-mod-date
- tooltips-show-path
- sidebar-panels
- window-state
- onboard
- auto-show
- icon-palette
- keyboard
- lockdown
- scanner
- theme-settings
- typing-assistance
- universal-access
- window
- current-settings-page
- key-label-font
- key-label-overrides
- layout
- schema-version
- show-status-icon
- show-tooltips
- snippets
- start-minimized
- status-icon-provider
- system-theme-associations
- system-theme-tracking-enabled
- theme
- use-system-defaults
- xembed-onboard
- virt-manager
- virt-manager
- confirm
- connections
- console
- details
- new-vm
- paths
- stats
- urls
- vmlist-fields
- manager-window-height
- manager-window-width
- system-tray
- virt-manager
- yorba
- shotwell
- crop-settings
- dataimports
- plugins
- enable-state
- dataimports-fspot
- publishing-facebook
- publishing-flickr
- publishing-picasa
- publishing-piwigo
- publishing-tumblr
- publishing-yandex-fotki
- publishing-youtube
- transitions-blinds
- transitions-chess
- transitions-circle
- transitions-circles
- transitions-clock
- transitions-crumble
- transitions-fade
- transitions-slide
- transitions-squares
- transitions-stripes
- enable-state
- preferences
- editing
- files
- slideshow
- ui
- background-color
- display-basic-properties
- display-event-comments
- display-extended-properties
- display-photo-comments
- display-photo-ratings
- display-photo-tags
- display-photo-titles
- display-search-bar
- display-sidebar
- event-photos-sort-ascending
- event-photos-sort-by
- events-sort-ascending
- hide-photos-already-imported
- keep-relativity
- library-photos-sort-ascending
- library-photos-sort-by
- modify-originals
- photo-rating-filter
- photo-thumbnail-scale
- pin-toolbar-state
- show-welcome-dialog
- sidebar-position
- use-24-hour-time
- window
- printing
- sharing
- flickr
- org-yorba-shotwell-publishing-piwigo
- org-yorba-shotwell-publishing-tumblr
- org-yorba-shotwell-publishing-yandex-fotki
- picasa
- youtube
- default-service
- last-used-service
- video
- shotwell
- cinnamon
- system
- locale
- proxy
- ftp
- http
- https
- socks
- autoconfig-url
- ignore-hosts
- mode
- use-same-proxy
- Custom Gnome 3 settings
- Enable Gnome 3 settings
- apps
- Linux Settings
- Mac OS X Settings
- 802.1X Settings
- Application Access Settings
- Permit/prohibit access to application list: AppleScript
- Permit/prohibit access to application list: Applications
- Permit/prohibit access to application list: Server
- Permit/prohibit access to application list: Utilities
- Permit/prohibit access to applications
- Permit/prohibit access to the user-specific applications
- Automount Settings
- Custom Settings
- Desktop Settings
- Dock Settings
- Add other folders to Dock
- Adjust the Dock's icon size
- Adjust the Dock's magnified icon size
- Adjust the Dock's position on screen
- Adjust the effect shown when minimizing the Dock
- Animate opening applications
- Automatically hide and show the Dock
- Lock the Dock
- Merge with user's Dock
- Place Applications in Dock
- Place Documents and Folders in Dock
- Finder Settings
- Folder Redirection
- Folder Redirect Actions at Login Time
- Folder Redirect Actions at Logout Time
- Import Settings
- Login Settings
- Media Access Settings
- Mobility Settings
- Legacy Settings
- Synchronization Rules: Background Sync
- Synchronization Rules: Login & Logout Sync
- Synchronization Rules: Options
- Enable/disable synchronization
- macOS 10.12 or above Settings
- Mac OS X 10.5 Settings
- Account Expiry
- Synchronization Rules
- Background Sync
- Skip items
- Synchronize items
- Enable background sync rules
- Login & Logout Sync
- Skip items
- Synchronize items
- Enable login & logout sync rules
- Options
- Background Sync
- Configure mobile account creation
- Configure mobile account options
- Mac OS X 10.6 Settings
- Account Expiry
- Synchronization Rules
- Home Sync
- Skip items
- Synchronize items
- Enable home sync rules
- Options
- Preference Sync
- Skip items
- Synchronize items
- Enable preference sync rules
- Home Sync
- Configure mobile account creation
- Configure mobile account options
- Mac OS X 10.7 Settings
- Account Expiry
- Synchronization Rules
- Home Sync
- Skip items
- Synchronize items
- Enable home sync rules
- Options
- Preference Sync
- Skip items
- Synchronize items
- Enable preference sync rules
- Home Sync
- Configure mobile account creation
- Configure mobile account options
- Mac OS X 10.8 to 10.11 Settings
- Account Expiry
- Synchronization Rules
- Home Sync
- Skip items
- Synchronize items
- Enable home sync rules
- Options
- Preference Sync
- Skip items
- Synchronize items
- Enable preference sync rules
- Home Sync
- Configure mobile account creation
- Configure mobile account options
- Use version specific settings
- Legacy Settings
- Printing Settings
- Scripts (Login/Logout)
- Security & Privacy
- Keychain Policies
- Public Key Policies
- Allow DoD Encryption Wizard to use smart card
- Allow NSSDB based applications to use smart card
- Disable Dictation
- Lock Smart Card screen
- NSSDB based applications allowed to use smart card
- Prohibit authentication with expired password
- Require password to wake this computer from sleep or screen saver
- System Preferences Settings
- Legacy Settings
- Enable System Preferences Pane: Hardware
- Enable System Preferences Pane: Internet & Network
- Enable System Preferences Pane: Other Preferences Panes
- Enable System Preferences Pane: Personal
- Enable System Preferences Pane: System
- Limit items usage on System Preferences
- Mac OS X 10.5 Settings
- Enable System Preferences Panes
- Limit items usage on System Preferences
- Mac OS X 10.6 Settings
- Enable System Preferences Panes
- Limit items usage on System Preferences
- Mac OS X 10.7 Settings
- Enable System Preferences Panes
- Limit items usage on System Preferences
- Mac OS X 10.8 Settings
- Enable System Preferences Panes
- Limit items usage on System Preferences
- Mac OS X 10.9 Settings
- Enable System Preferences Panes
- Limit items usage on System Preferences
- Mac OS X 10.10 or above Settings
- Enable System Preferences Panes
- Limit items usage on System Preferences
- Use version specific settings
- Legacy Settings
- Windows Settings