The AD script that Unix enables accounts to allow logins to Mac and Unix systems is not currently functioning. Accounts are also not being added to their appropriate child zone in Centrify, even if they are in the right groups.
First check that your user is a part of your zone in Centrify by running the following command: adquery user username
If the command comes back as “username is not a zone user”, follow the instructions below.
To bypass this while the script is fixed, sites will need to access Centrify Access Manager and manually add their users into their Child Zone.
Access Centrify Access Manager from IGSKMNCIASRDS or from an install on your local server.
Browse to your child zone > Unix Data > Users as seen below:
Right-click > Add user to zone and search for your user and click OK.
Accept all the defaults in the pop-up window and click OK
Now reboot the system the user is trying to sign into and have them try again.
