Verifying You Can Log in
If an administrator has installed the Verify Privilege Server Suite Agent on a UNIX or Linux computer you use, the next step is to verify that you can log in successfully. The Verify Privilege Server Suite Agent does not change how you log in to your computer. However, you must be assigned at least one role that allows you to log in.
When you are prompted for a user name and password, type your Active Directory or UNIX user name and your Active Directory password. If you provide valid credentials and have been assigned a role with permission to log in, you should be able to log in to your computer with a standard UNIX shell. If this is a computer you used earlier, before it became a Verify Privilege Server Suite-managed computer, there should be no noticeable changes to your working environment.
As a part of the deployment of Verify Privilege Server Suite software, your computer may or may not have been joined to a zone. To verify that the Verify Privilege Server Suite Agent is installed, that you are connected to an Active Directory Domain, and that you are connected to a zone, run the adinfo command. For example, if you are a user named billy in a zone named KHeadquarters, your output may look similar to the following:
[billy@kh-rh Desktop]\$ adinfo
Local host name: kh-rh
Joined to domain: demo.acme.com
Joined as: kh-rh.demo.acme.com
Pre-win2K name: kh-rh
Current DC: deploy.acme.com
Preferred site: Default-First-Site-Name
Zone: demo.acme.com/Program Data/Acme/Zones/KHeadquarters
CentrifyDC mode: connected
Licensed Features: Enabled
To learn more about commonly used commands that may be available to you, see Commands available for users.
If the Verify Privilege Server Suite Agent is installed but not connected to a zone, or if the agent is not installed on your local computer, you should contact your administrator.
If the zone information for the agent is configured, but the agent status is Disconnected, restart the agent.
To restart the agent type the following:
\$ adclient -x
\$ adclient
If the agent status is still Disconnected, contact your system administrator.
Multi-Factor Authentication
Your organization may require multi-factor authentication in order for you to log in to your computer, or to execute commands using elevated privileges (dzdo) in a normal or restricted shell (dzsh) environment.
If multi-factor authentication is required as part of the login process, you will have to provide a password as well as a second form of authentication to log in to your computer. If multi-factor authentication is required as part of a re-authentication process, such as when you use command rights with elevated privileges or in a restricted shell, you must provide a password and either one or two other forms of authentication other than a password.