i think those are two separate issues. there should be no difference in this behavior when using an image generated with instadmg. it doesn't do anything magic to /etc/authorization, unless you include components that do so.
it's pretty easy to manipulate the authorization file with puppet's built in macauthorization resource type, like so:
macauthorization { 'system.login.screensaver':
ensure => 'present',
auth_class => 'rule',
auth_type => 'right',
comment => '(Use SecurityAgent.) The owner or any administrator can unlock the screensaver.',
rule => ['authenticate-session-owner-or-admin'],
}
but you're not using puppet, so you'll probably want to use PlistBuddy or whatever text manipulation language you like (awk, perl, python, ruby, etc.):
/usr/libexec/PlistBuddy -c 'Set rights:system.login.screensaver:comment "(Use SecurityAgent.) The owner or any administrator can unlock the screensaver."' /etc/authorization
