Not sure about S9 in particular, but in Linux you normally modify the
/etc/login.defs file. The value is CLOSE_SESSIONS.
Here's the relevent part of the file:
#
# Enable pam_close_session() calling. When using normal (pam_unix.so)
# session handling modules, this is not needed. However with
The pam_krb5 session module is supposed to clean up your credentials on
logout (if you are the last logout for that session).
I had a Solaris 9 machine which did that. Now I have a different S9
machine which doesn't. Any suggestions for what to look for?