Applies to:
Centrify DirectControl 5.2.3+ on AIX platform

Question:
Centrify DirectControl not able to authenticate AD user after Installing Oracle RCA KRB5 on AIX

Answer:
Centrify DirectControl and Oracle RCA KRB5 can coexist within the same server. DirectControl installs all its libraries in private directory under /usr/share/centrifydc - except PAM and NSS which has to be in system folder. Other component on the system will not use the Kerberos library shipped in DirectControl.

There might be problem with /etc/method.cfg file if you are experience the following

1. Confirm adclient is running and in connected state.  
2. The command “adquery user” return a list of the AD user as expected
3. Running the command “lsuser [AD user account]” report the user does not exist

The problem reported might related to incorrect formatting of /etc/method.cfg file

Example of /etc/method.cfg with correct formatting:
[…]
CentrifyDC:
     program = /user/lib/security/CENTRIFYDC
     program_64 = /usr/lib/security/CENTRIFYDC64
     options = noprompt

KRB5A:
     program = /usr/lib/security/KRB5A
     options = athonly

KRB5Afiles:
    Options = db=BUILTIN, auth=KRB5A
[…]

Note 1: Please make sure you backup the existing /etc/method.cfg before editing the file.

Note 2: method.cfg file follow a very specific formatting.  If the formatting are off, it will cause components not working properly.
If you continue experience issue, please collect Centrify Debug log and contact support for assistant.

Reference KB: https://centrify.force.com/support/Article/KB-0062-How-to-enable-debug-logging-on-Unix-Linux-machines