Specifies whether you want user credentials to be automatically reissued when they expire.
If this policy is enabled, Centrify DirectControl Agent keeps a hash of the user's password in memory indefinitely. If this policy is disabled, a user's credentials periodically expire and the user must be re-authenticated by re-entering a valid password.
If this policy is enabled, user credentials are automatically reissued, as needed, as long as the adclient process continues to run even if the computer is disconnected from Active Directory. If you stop or restart adclient, however, the user's password hash is removed from memory. After stopping or restarting adclient, users must be re-authenticated by logging on with a valid user name and password.
By default this policy is disabled.
This group policy modifies the krb5.cache.infinite.renewal setting in the Centrify DirectControl configuration file.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\CentrifyDC\Settings\Kerberos |
Value Name | krb5.cache.infinite.renewal |
Value Type | REG_SZ |
Enabled Value | true |
Disabled Value | false |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\CentrifyDC\Settings\Kerberos |
Value Name | {number} |
Value Type | REG_DWORD |
Default Value |