Ah, win->ldap authentication. :)
--Kervin
3) Suppose (horror horabilis) I were willing to give up the requirement that Unix passwords are stored in hashed form. Could I get Windows clients to authenticate off Unix passwords? I don't just mean for filesharing, but for user login -- the idea would be to replace Active Directory. How would this work in detail (i.e. do smbPassword and userPassword become a single attribute? or do I need some funky pam_ldap module modifications to make sure they are synched at all times?)