The following security issues applies to the Solaris 10 release.
If Kerberos is configured to use the LDAP backend for the Kerberos database, krb5kdc/kadmind will fail to start when run through SMF. krb5kdc/kadmind will be in the maintenance state.
Workaround: Type the following command:
echo "something" >/var/krb5/principal
Note - Do not use this workaround unless the Kerberos LDAP database backend is being used. If the default db2 backend is being used, this workaround will destroy the Kerberos database.
After the account management PAM module for LDAP (pam_ldap) is enabled, users must have passwords to log in to the system. Consequently, nonpassword-based logins fail, including those logins that use the following tools:
Remote shell (rsh)
Remote login (rlogin)
Secure shell (ssh)
A Sun StorEdge T3 system might panic if an application uses the HTTP interface to send tokens with out-of-range parameters.