Showing results for 
Search instead for 
Do you mean 
Reply
Occasional Visitor
locutus
Posts: 1
Registered: ‎03-16-2012
Accepted Solution

Disable all caching of passwords on Linux hosts

I recently changed my password in Active Directory.  When I try to login from a Linux (Centos 5.7) system with Centrify Express, I get access denied with the new password.  The old one works fine.?!

 

From a security perspective, I don't want passwords cached at all which I think will fix both of these issues.

 

I've tried changing a parameter in /etc/centrify/centrifydc.conf (adclient.cache.object.lifetime from 0 to 1) and restarted centrifydc and ran adflush.  Still no change.

 

Please use plain text.
Centrify
Sumana
Posts: 220
Registered: ‎10-05-2011

Re: Disable all caching of passwords on Linux hosts

We only cache password hash for offline use only, as long as the machine has connectivity and able to talk to Domain Controllers this situation should not arise. Is your machine in disconnected mode ? What does adinfo say ? Does this happen very frequently across several machines in your environment.

 

Would you be able to generate a debug log with this scenarion and send it to me at sumana.annam@centrify.com

Please use plain text.