I have an NT domain with several thousand users, to which I'm going to add two LINUX clusters. I would like the users to be authenticated by the PDC or BDCs of the NT domain, or else I would like the NT and LINUX password databases to be synchronized so that they could be administered entirely from NT if one wanted. I understand that I could use pam_smb or pam_ntdom for this purpose. What would I use when the NT domain controllers are replaced with Windows 2000 servers? Is it possible to use an authentication module for Kerberos under Red Hat Linux 7.1 that would work with Windows 2000? If there is such a kerberos authentication module, does it authenticate users through kerberos under windows 2000, bypassing the usual LINUX authentication mechanism, or does this kerberos PAM only provide authenticated user access to kerberized services? I could be missing the point of Kerberos under windows 2000. Thanks for your assistance, Florian Lengyel
