Under Solaris, adding Role based access with the usermod command fails when trying to add roles to a user from AD:
usermod -K defaultpriv=basic testuser
UX: usermod: ERROR: testuser is not a local user.
This error is because Solaris does not support adding roles to non-local users.
To work around this problem, first we need to manually add the user roles to /etc/user_attr, in this example we would add this line:
Then the pam configuration has to be edited to move the pam_unix_cred module before the pam_vas module in the auth section. See SOL53251 for details about making this change.