Manage login filters

Specify the users and groups allowed to log in to the system.

There are two lists, one for user names and one for group names. These lists either specify the users and groups who are allowed to log in (in which case all other users and groups are denied), or the users and groups who are denied login access (in which case all others are allowed).

With this policy, you can explicitly list either:

- Users and groups who are allowed to log in (all other users and groups are denied)
- Users and groups who should be denied access (all others are allowed)

When you enable this policy, you can select either allow or deny option, then specify a list of user names, a list of group names, or both. You should specify samAccountName@domain_name as user or group name. Use a comma to separate entries.

Depending on your selections when you configure this group policy setting, the policy can modify any of the following configuration parameters in the Centrify DirectControl configuration file:


Supported on:

Run Commands

Registry PathSoftware\Policies\Centrify\CentrifyDC\Settings\Login
Value Name{number}
Default Value


Administrative Templates (Computers)

Administrative Templates (Users)