Specify whether user Kerberos credential cache is created in PAM.
If enabled, a user Kerberos credential cache will be created by adclient. The Kerberos credential cache could be file based or KCM in-memory mode, depending on setting krb5.cache.type.
If disabled, no user Kerberos credential cache will be created by adclient.
The default value is true when it is not configured.
Note that, when set to disabled, no user Kerberos credential cache is created and any attempt to do SSO operation is expected to fail.
This group policy modifies the pam.auth.create.krb5.cache setting in the Centrify DirectControl configuration file.
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\CentrifyDC\Settings\Kerberos |
Value Name | pam.auth.create.krb5.cache |
Value Type | REG_SZ |
Enabled Value | true |
Disabled Value | false |
Registry Hive | HKEY_LOCAL_MACHINE |
Registry Path | Software\Policies\Centrify\CentrifyDC\Settings\Kerberos |
Value Name | {number} |
Value Type | REG_DWORD |
Default Value |