Rahim,
At present, the "delphix" OS account that you describe (a.k.a. usually referred to as "delphix_os" in the
Delphix documentation) needs to belong to the same OS group(s) to which the Oracle software owner OS account belongs.
The Oracle software owner account is usually called "oracle", and this OS account is generally designated primarily as a member of an OS group called "oinstall" as well as another secondary OS group called "dba", which is usually referred to in
Oracle documentation as OSDBA. There are often additional Oracle-related OS groups such as "oper", "asmadmin", etc. Because Oracle is not specific on this, each Oracle installation tends to vary on names and memberships, which is "primary", which is "secondary", etc.
So, if the Oracle-related OS groups and OS accounts are also managed by LDAP (Centrify), then you probably can create the "delphix" OS account similarly, with the same OS group memberships if possible?
By default, Delphix employs the open-source "sudo" package for privilege escalation to "root", as described in the documentation
HERE. Delphix supports other privilege packages, including "dzdo", as documented
HERE, but there is an expectation that the Delphix OS account has the ability to execute certain Oracle commands without privilege escalation, so hopefully Centrify permits this?
Please let us know what you think?
Thanks!
-Tim