This article describes an issue when AD users are trying to login to an AIX 7.x system after OS patching was performed.
Problem: Active Directory users can no longer log on to AIX 7.x systems after applying one of the following OS Patches to the system: 1. OS Patch for AIX 7.1: 7100-05-07-2038 2. OS Patch for AIX 7.2: 7200-05-01-2038
Cause: IBM made a change to LAM and changed from version 1 to version 2 in this latest patch. This caused an issue with the calls being made by the Centrify Agent for AIX's LAM interface module to not be interpreted correctly.
Workaround: On AIX systems that have this latest patch applied and are making use of LAM, Centrify recommends switching from using LAM to using PAM on these systems to work around the changes made in the patch.
If LAM is required by the applications on the system and a move to PAM is not feasible, Centrify recommends you do not apply the OS patch at this time.
Solution: The fix for this issue is available on the Centrify Download Center with the release of Centrify Zero Trust Privilege Services 2020.1 (version 5.7.1).