I still can't authenticate on the first machine. I set up samba and winbind on a second machine to go through the steps, one by one. This one works, sort of... it can authenticate users on the NT domain, but complains about not having a home directory for them, and so dumps them in / with error messages. Also: [root@devweb pam.d]# wbinfo -a INDY+username%password plaintext password authentication failed error code was NT_STATUS_INVALID_PARAMETER (0xc000000d) Could not authenticate user INDY+username%password with plaintext password Lots of Google results asking about this, but none giving an answer... :-( -- John Oliver, CCNA http://www.john-oliver.net/ Linux/UNIX/network consulting http://www.john-oliver.net/resume/ *** sendmail, Apache, ftp, DNS, spam filtering *** **** Colocation, T1s, web/email/ftp hosting ****