Disable a User's Access with AD Bridge

When a computer cannot communicate with a domain controller, a user whose account was disabled on the domain controller, but who logged on to the computer prior to their account being disabled, can continue to log on until you clear the cache or until the computer regains communication with the domain controller.

By default, the cache expires after 4 hours. You can configure the interval using an AD Bridge Enterprise Group Policy setting or, if the policy setting has not been configured, by modifying the registry using the AD Bridge Enterprise config tool.

  1. Start Active Directory Users and Computers.
  2. Find the user.
  3. Right-click the user that you want to disable, and then click Properties.
  4. Click the AD Bridge Cell Settings tab.
  5. In the AD Bridge Cells section, uncheck the boxes for the cells where you want to disable the user. To disable the user's access to all Linux, Unix, and macOS computers, uncheck all the boxes.