I'm trying the steps outlined in this blogpost: http://zews.org/rhel6-active-directory which is actually working partially for me. I can log in (with some users anyway), it seems to get the home directory from LDAP and shell. It doesn't seem to get the groups. I have added (as listed in the example confs on that blog post) groups files sss and even tried editing to netgroup files sss with no luck - it still seems to be using our old NIS to get groups. Finally, finger seems to have cached information (we had %H/user) for home dir, that didn't work, changed to /home/user and then logins worked, but finger still shows the older entry... Any ideas? -- James Pulver LEPP Computer Group Cornell University