Recently I had a need to configure the Sun Java System Identity Manager for provisioning users to Solaris. Identity Manager uses Resource Adapters to communicate with resources (Solaris). When you configure a Resource Adapter, you need to specify a userid/password that has the ability to execute user and group management commands. One of the options is to use the sudo utility. Solaris has a far better solution to this problem ... Role Based Access Control (RBAC).
I documented the process of setting up a new Solaris Role (Identity Management) and the creation of a "proxy user" (idmadm). This step-by-step process is available as an article from the BigAdmin Feature Article site.