Ok, problem solved. I turned out that my nsswitch.conf was in error:
passwd: files ldap group: files ldap shadow: compat snip... is not going to do it, but passwd: files ldap group: files ldap shadow: files ldap snip... is! And I can now return the UsePAM setting to yes. I found it in a thread that included this message: http://mailman.mit.edu/pipermail/kerberos/2004-October/006616.html Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
