I use Active Directory in our setup and I have always edited /etc/pam.conf to add the new entry.
Now using /etc/pam.d I thought I would check to see what is the correct way of doing this, since at moment I edit the file directly.
# cat /etc/pam.d/login
auth definitive pam_user_policy.so.1
auth requisite pam_authtok_get.so.1
auth required pam_dhkeys.so.1
auth required pam_unix_auth.so.1
auth sufficient pam_krb5.so.1 ## New Entry
auth required pam_unix_cred.so.1
auth required pam_dial_auth.so.1
Reading the documentation I think I need to take all the above and put it into /etc/pam.conf which would override the Solaris 11 default.
Is this correct?