To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch:

--- /etc/pam.conf.DIST	Mon Jul 20 15:37:46 1998
+++ /etc/pam.conf	Tue Feb 15 19:39:12 2000
@@ -4,15 +4,19 @@
 #
 # Authentication management
 #
+login	auth sufficient	/usr/athena/lib/pam_krb4.so
 login	auth required 	/usr/lib/security/pam_unix.so.1 
 login	auth required 	/usr/lib/security/pam_dial_auth.so.1 
 #
 rlogin  auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
 rlogin	auth required 	/usr/lib/security/pam_unix.so.1
 #
+dtlogin	auth sufficient	/usr/athena/lib/pam_krb4.so
 dtlogin	auth required 	/usr/lib/security/pam_unix.so.1 
 #
 rsh	auth required	/usr/lib/security/pam_rhosts_auth.so.1
+# Reafslog is for dtlogin lock display
+other	auth sufficient	/usr/athena/lib/pam_krb4.so reafslog
 other	auth required	/usr/lib/security/pam_unix.so.1
 #
 # Account management
@@ -24,6 +28,8 @@
 #
 # Session management
 #
+dtlogin	session required	/usr/athena/lib/pam_krb4.so
+login	session required	/usr/athena/lib/pam_krb4.so
 other	session required	/usr/lib/security/pam_unix.so.1 
 #
 # Password management
---------------------------------------------------------------------------
To enable PAM in /bin/login and xdm under Red Hat 6.1 apply these patches:

--- /etc/pam.d/login~   Thu Jul  8 00:14:02 1999
+++ /etc/pam.d/login    Mon Aug 30 14:33:12 1999
@@ -1,9 +1,12 @@
 #%PAM-1.0
+# Updated to work with kerberos
+auth       sufficient   /lib/security/pam_krb4.so
 auth       required    /lib/security/pam_securetty.so
 auth       required    /lib/security/pam_pwdb.so shadow nullok
 auth       required    /lib/security/pam_nologin.so
 account    required    /lib/security/pam_pwdb.so
 password   required    /lib/security/pam_cracklib.so
 password   required    /lib/security/pam_pwdb.so nullok use_authtok shadow
+session    required     /lib/security/pam_krb4.so
 session    required    /lib/security/pam_pwdb.so
 session    optional    /lib/security/pam_console.so
--- /etc/pam.d/xdm~     Mon Jun 14 17:39:05 1999
+++ /etc/pam.d/xdm      Mon Aug 30 14:54:51 1999
@@ -1,8 +1,10 @@
 #%PAM-1.0
+auth       sufficient   /lib/security/pam_krb4.so
 auth       required    /lib/security/pam_pwdb.so shadow nullok
 auth       required    /lib/security/pam_nologin.so
 account    required    /lib/security/pam_pwdb.so
 password   required    /lib/security/pam_cracklib.so
 password   required    /lib/security/pam_pwdb.so shadow nullok use_authtok
+session    required     /lib/security/pam_krb4.so
 session    required    /lib/security/pam_pwdb.so
 session    optional     /lib/security/pam_console.so
--------------------------------------------------------------------------

This stuff may work under some other system.

# To get this to work, you will have to add entries to /etc/pam.conf
#
# To make login kerberos-aware, you might change pam.conf to look
# like:

# login authorization
login   auth       sufficient   /lib/security/pam_krb4.so
login   auth       required     /lib/security/pam_securetty.so
login   auth       required     /lib/security/pam_unix_auth.so
login   account    required     /lib/security/pam_unix_acct.so
login   password   required     /lib/security/pam_unix_passwd.so
login   session    required     /lib/security/pam_krb4.so
login   session    required     /lib/security/pam_unix_session.so