I'm pondering setting up an MIT Kerberos server, but only if it'll help with password synch on my SGI machines as well as the other stuff.
So far as I can tell from Google, my options for older versions are:
1) Try my hand at hacking around with OpenAFS, which has some weird voodoo iaf? module
2) Replace /bin/login with some hacked up MIT version and forgo xdm logins
(Okay, the last two are my homage to Slashdot
Or am I really screwed without 6.5.20 (or whatever version it is that has PAM support)?