Merge local group membership from the /etc/group file into the Centrify DirectControl group membership for groups that have the same name and GID.
For example, if Centrify DirectControl Agent retrieves the membership list of kwan, emily, and sam for the group profile with the group name performx1 and GID 92531 from Active Directory and there is also a local group named performx1 with the GID 92531 with users wilson and jae, the merged group would include all five members (kwan, emily, sam, wilson, jae).
By default, this group value is set to false to prevent unexpected results.
Be careful when enabling this policy, because it violates normal NSS behavior and, therefore, may have unexpected side effects. You should analyze your environment carefully, and determine that you can safely merge local and Active Directory group profiles before enabling this policy.
This group policy modifies the adclient.local.group.merge setting in the Centrify DirectControl configuration file.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\CentrifyDC\Settings |
Value Name | adclient.local.group.merge |
Value Type | REG_SZ |
Enabled Value | true |
Disabled Value | false |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\CentrifyDC\Settings |
Value Name | adclient.local.group.merge |
Value Type | REG_DWORD |
Default Value | 0 |
Min Value | 0 |
Max Value |