× Welcome to the Centrify Community! We are rolling out product name changes — click here to learn more.

Using adedit to change UNIX Data on a Centrify Zone

Using adedit to change UNIX Data on a Centrify Zone

By Centrify Advisor I on ‎04-02-2017 10:40 PM

Centrify ADEdit is a command-line interface (CLI) utility that enables UNIX administrators to manage Centrify objects—such as zones, rights, and roles—in Microsoft Active Directory.


Here's a custom script that will help you change the shell on all the zone users at the same time:


#!/bin/env adedit
package require ade_lib
bind <ad-domain> <zone-admin-user> <zone-admin-password>
select_zone <zone distinguishedName (DN), for example: CN=Global,CN=Zones,OU=centrifyse,DC=centrify,DC=vms>
        foreach USER [get_zone_users] {
                select_zone_user $USER
                set_zone_user_field shell "%{shell}"


Before you run it make sure to:

1. Specify the AD domain (in DNS format), Zone admin user and its password at line 5;

2. Specify the zone DN at line 7, see below how to retrieve this info:


3. Change the shell value at line 11 (for example set_zone_user_field shell "/bin/false");

4. Make sure to change the file permissions to allow execution (chmod +x file_name.sh).


Showing results for 
Search instead for 
Do you mean 

Community Control Panel