My issue is permission denied. The setup is as follows. a) All the development dirs are mounted on Solaris-10/9 server b) Home Directories are mounted on a netapp filer c) All the /projects[0-5] and /home mounts are setup in automount, NIS master is Solaris d) Samba server is Linux, with winbind and kerberos; samba version is 3.3 e) Autmounter is running on samba server and can mount /home and /projects[0-5] fine Setup is briefly as follows +------------+ +------------+ +-------------+ | | | | | | | | | | | | | Solaris-10 | | Solaris-10 | | NetAPP | | NFS | | NFS | | /home | | /projects | | /project1| | | +------------+ +------------+ +-------------+ NIS Master +-------------+ +-------------+ | | | | Linux - RH 5.3 | | | | Automounter | Linux |->-| Windows AD | NIS Client | Samba | | 2003 R2 | Kerberos | server | | | Winbind +-------------+ +-------------+ | server1 (kdc) | relam xxx.example.com | | +-------------+ +-------------+ | | | | | | | | | WIN xP | | Win XP | | Samba | | Samba | | Client | | Client | +-------------+ +-------------+ The problem I'm facing is when a user logs in directly to the samba server or tries to map samba shares /home through win XP clients, it errors with permission denied. The Samba server is automounting the /home and /projects. getent passwd and wbinfo -u and wbinfo -g all are working fine. kinit and kerberos look ups are fine. pam configuration looks right, because users can login. The only problem is the permission denied access on all /home mappings and /projects directories being opened in read only access. On samba server the setup is /etc/nsswitch.conf passwd: files winbind group: files winbind /etc/samba/smb.conf looks something like this workgroup = cifs server string = samba1 security = ads ; use Kerberos keytab = true password server = server1.example.com encrypt passwords = true idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 winbind enum users = true winbind enum group = true winbind use default domain = yes template shell = /bin/bash template homedir = /home/%U [homes] path=/home/%U readonly = no writable = yes browsable = no [dev] Path = /projects Regards, Ravi