I've been trying to follow samba, centos, ldap, and other documentation to try and get a CentOS 5 box to permit a user to log into an existing Windows 200x Active Directory domain without necessarily having the box as part of the domain. If it has to be part of the domain, that is fine. The user shall have no local account on the box - I want their active directory account to automatically produce their account on the CentOS 5 box, likely with a shell of bash. None of the web pages I've visited thus far have helped me configure my test C5 box to allow me to successfully at least log into the console of my C5 box with my AD credentials. Leads to proper configuration of krb5.conf, ldap config files, smb.conf, nsswitch.conf, and whatever else would be most appreciated. I do have have any control of the Windows domain controller other than limited admin rights, which largely allows me to create computer accounts. Thus, majority of the work must be with the CentOS 5, of which I have root and can rebuild as often as needed. Thanks for any help/leads. Scott