>From the snippets shared of /etc/pam.conf from the two different versions, to me it seems to be an issue with the configuration commit during the boot up.
After loading a new image, config will already get committed during boot, here is where the errors may be seen. If the commit is successful during boot, no need to commit again. Since the config is not getting committed successfully, boot time commit is getting failed. If the boot time commit fails, pam.conf file will not get updated and login will fail.
As you are able to login with a local user account, I would suggest you to perform a commit and if it is successful, check if the Radius Auth works. If it still fails, just reboot the switch and the pam.conf should be updated. If it still fails, suggest to open a ticket with JTAC with the RSI and log files for further investigation.
Thanks, Pradeep Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!
The problem is not related to wrong config commits. We cannot create JTAC request because of expired support contracts.
P.S. We were able to reproduce the problem in 100% of cases on different ex2200\3300 units. I wrote this post just to warn juniper community about this problem and prevent someone "stepping on a rake".