Welcome to the Centrify Community
Try adding the MAC user to be part of the LPOperator of the LPAdmin group. The KB below will step you through the process. This process is for a GPO to allow this.
https://centrify.force.com/support/Article/KB-2986-How-to-use-the-Map-zone-groups-to-local-group-GP-for-Mac-systems