Thought I'd share this as I've spent the last few days tracking down why authentication was not working the way we expected.
Our organization uses Centrify to manage privileged authentication and use it for access to AIX and various flavors of Linux. Our Linux authentication worked, AIX didn't. It turns out that Centrify replaces sudo with dzdo so the "sudo su -" that Qualys uses to elevate itself when authenticating, especially in Policy Compliance scans, fails because sudo no longer exists.
We "fixed" it by linking dzdo to sudo with "ln -s /usr/bin/dzdo /usr/bin/sudo"
If someone else has a better method, please share, but hopefully this will help someone else out who runs into this issue.