After an upgrade to Centrify DirectAudit and/or Centrify DirectControl version 18.11, some local users cannot login when DirectAudit is enabled but not running. When looking at the user profile on the machine via getent or adquery user, the shell shows as a non-executable such as /sbin/nologin, or /bin/false
This issue occurs on machines where AppArmor is enabled. If there is a pre-existing file /etc/apparmor.d/adstractions/centrifyda, this file is not replaced with the proper abstractions during an update to Centrify DirectAudit and Centrify DirectControl.
Add the following policies to /etc/apparmor.d/abstractions/centrifydc or /etc/apparmor.d/abstractions/centrifyda
Stop and restart the AppArmor service
# /etc/init.d/boot.apparmor stop
# /etc/init.d/boot.apparmor start
This issue is resolved in release 18.11 for SUSE 11 S390. For other architectures, this issue will be resolved in a future release.