In many ways, OS X 10.5.7 is a huge improvement for Leopard users, enhancing Finder network reliability, iCal server interaction, and portable home directory performance. In a managed Open Directory environment, however, it may also have the unfortunate side effect of locking you out of your legacy PowerPC machines.

At the root of the problem is the /etc/authorization file, which outlines unique situations where users are granted escalated privileges, and which should be altered as part of the 10.5.7 update process. It appears, however, that the file is updated only on Intel-based machines, leaving managed users on the PPC architecture unable to login on their workstations or laptops.

The solution is to copy the file to a PPC machine booted into target mode from an updated Intel installation, taking care that the ownership and permissions remain the same as on the Intel version. Alternately, if you have multiple PowerPC machines updated and booted, the same idea can be applied en masse by pushing an updated Intel file out via Apple Remote Desktop, JAMF Casper Suite, LANrev, or your preferred third-party distribution tool.

Once the corrected file is in place, reboot the afflicted machines, and login should be restored.