Thanks a lot
I made those changes on my laptop and was able to get it to work. So I think this is all good.
Just a quick question. Even now, though it is working, I see entries like following in /var/log/centrifydc.log if addebug is on.
==
Jul 13 06:09:51 viz-ltp-178 adclient[15957]: DEBUG <fd:25 PAMUserIsOurResponsibility > base.bind.cache Skipping vikram since the object is not enabled in the current zone
Jul 13 06:09:51 viz-ltp-178 adclient[15957]: DEBUG <fd:25 PAMUserIsOurResponsibility > base.adagent findByAttr: Not Found:vikram category:user attr=sAMAccountName
.
.
Jul 13 06:09:51 viz-ltp-178 adclient[15957]: DEBUG <fd:25 PAMUserIsOurResponsibility > base.adagent findObject: NotFound:vikram Category:user
Jul 13 06:09:51 viz-ltp-178 adclient[15957]: DEBUG <fd:25 PAMUserIsOurResponsibility > base.objecthelper 'vikram' is not a canonical name
Jul 13 06:09:51 viz-ltp-178 adclient[15957]: DEBUG <fd:23 compiz(17689)> Authentication for user 'vikram': skipping because user has no Active Directory account.
==
Also "adquery user vikram" still says "vikram is not a zone user" whereas with a -A it returns proper entries.
But I was able to do a "su - vikram" successfully and there is no local user called vikram. Also within the su session, "hostname -d" shows I am on the right domain. So I think its all working fine. But just thought of checking about above logs to be sure.
Thanks again,
Vikram