In that case you should know that everything that is required to achieve Kerberos SSO is in place due to Centrify integration (AD-optimized MIT Kerberos libraries, config files, keytabs, etc). Here are your challenges
a) The application (in this case XRDP and all its depenencies) have to be Kerberos-enabled
b) The Kerberos-enabled service (ServicePrincipalName or SPN) has to be registered under the computer's record in AD.
c) The client application (RDP client) has to be Kerberos-enabled too.
Good luck.