Hi folks, I've been reading the excellent howto collection by John et al., but have been tairing my hair out over a rather simple setup. We have an NT4 based PDC which we'd like to use to authenticate users for a BEA Weblogic application. Is it possible to configure Samba 3.0.2a as a Domain Member server without a local copy of the SAM on the Linux Samba server? The documentation states that even in this case, domain users on the PDC must be known locally on the Samba server. I have used "net rpc vampire" to obtain the user db and store it in the local ldap on the Samba server, and it looks like everything (including the password hashes) was migrated successfully. Joining the test domain via net rpc join has also been successful. I can also use "winbind -a" to test authentication of a test user, and it seems to work ok. When trying to authenticate using BEA's NTLM mechanism, I get an "access denied" error, although the ldap search filter is correct and apparently returns the correct user details. Sorry for the obscure description of the problem, I'll be more than happy to provide more details if needed. I'm quite new at this so I'd be glad if somebody you point me into a direction how to analyze this problem. Thanks in advance & for your time, uwe -- Uwe Schuerkamp, Nionex GmbH http://www.nionex.com/ Uwe.Schuerkamp@nionex.net FON: +49 (0)5241 / 80 10 66, FAX: / 806 23 38 GnuPG KeyID: 5887047D Avenwedder Str. 55, 33311 Guetersloh GnuPG Fingerprint: 2E 13 20 22 9A 3F 63 7F 67 6F E9 B1 A8 36 A4 61