Hi all, I have several Linux boxes (Mandrake 7.2) authenticating against Netscape's LDAP 4.12. This has been working well but I want to change the use of the pam_filter. I have: pam_filter &(objectclass=posixaccount) (host=my.box.net) in the ldap.conf file, where the host equals the local box name. Users then need to have host=my.box.net as an attribute of the account object class. I found that if I comment out the pam_filter, I still get the same results as when the line was there. i.e. the user cannot login unless he has the host attribute to match the box. Do I need to restart something? Does anyone know what else would be doing this host check? Thank you everyone, Kelli