Tuesday 25 October 2011

RHEL5.6 issues with LDAP/KRB5 authentication


So I have set up a RHEL5.6 VM as a basic system.

I have upgraded a Win2003 Server to 2003 RC2, and installed the Unix services on it.

Using System > Administration > Authentication from the desktop, I have configured LDAP under "User Information". I am not using TLS to encrypt, and set the LDAP server as
dc=domain,dc=com
ldap://dubious.mydomain.com

On the "Authentication" tab I have configured Kerberos. I have manually entered the Realm, KDC and Admin Servers. I have also ticked both boxes "Use DNS to resolve....".

If I run:

ldapsearch -x dubious -b "CN=Users,dc=domain,dc=com" -D "CNLDAPadmin,CN=Users,DC=domain,CN=com" -W

I get loads of replies, then "Size limit exceeded", as you would expect.

If I run kinit as LDAPadmin, put in the password, and then run klist, everything seems to be OK, as I get a token. I then used kdestroy to get rid of the token.

I have edited /etc/ldap.conf and added:
binddn CN=LDAPAdmin,CN=Users,CN=domain,CN=com
bindpw password
nss_map_objectclass posixAccount User
nss_map_objectclass posixGroup Group
nss_map_attribute homeDirectoy unixHomeDirectory
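As an added illustration (not the author's code or configuration), here is a small Python checker that parses a pam_ldap/nss_ldap style ldap.conf and flags the three things a reviewer would look at first in the snippet above: a binddn whose trailing components do not match the search base (the snippet writes the domain as CN=domain,CN=com while the base from the GUI is dc=domain,dc=com), a misspelled attribute on the left-hand side of nss_map_attribute, and a bindpw that would cross the network over a connection with no ssl/tls directive. The sample input is constructed here from the post's lines, with uri and base lines added because the post set those through the GUI; the known-attribute list, the keyword names checked and the heuristics are assumptions of this example, not a complete validator.

```python
"""Hypothetical static checker for nss_ldap/pam_ldap style /etc/ldap.conf text.
Added example only; not part of the original post."""

import difflib
import re

# Constructed sample: the post's snippet plus uri/base lines (set via the GUI in the post)
SAMPLE_LDAP_CONF = """\
uri ldap://dubious.mydomain.com
base dc=domain,dc=com
binddn CN=LDAPAdmin,CN=Users,CN=domain,CN=com
bindpw password
nss_map_objectclass posixAccount User
nss_map_objectclass posixGroup Group
nss_map_attribute homeDirectoy unixHomeDirectory
"""

# Attribute names nss_ldap expects on the left of nss_map_attribute (assumed subset)
KNOWN_POSIX_ATTRS = {
    "uid", "uidNumber", "gidNumber", "homeDirectory", "loginShell", "gecos",
    "cn", "memberUid", "uniqueMember", "userPassword", "shadowLastChange",
    "shadowMin", "shadowMax", "shadowWarning", "shadowInactive", "shadowExpire",
}
KNOWN_LOWER = {a.lower(): a for a in KNOWN_POSIX_ATTRS}

# Directives that turn on TLS/SSL for the connection (assumed list)
TLS_KEYWORDS = ("ssl", "tls_cacertfile", "tls_cacertdir")

RDN = re.compile(r"^\s*([A-Za-z][A-Za-z0-9-]*)=(.*?)\s*$")


def parse_dn(dn):
    """Split 'CN=a,DC=b' into [('cn','a'),('dc','b')]; raise on a malformed RDN.
    Naive: does not handle escaped commas, which none of the post's DNs use."""
    parts = []
    for rdn in dn.split(","):
        m = RDN.match(rdn)
        if not m:
            raise ValueError(f"malformed RDN {rdn!r} in {dn!r}")
        parts.append((m.group(1).lower(), m.group(2).lower()))
    return parts


def parse_conf(text):
    """Turn 'keyword value...' lines into [(keyword, [args])], skipping comments."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, *args = line.split()
        entries.append((key.lower(), args))
    return entries


def check_ldap_conf(text):
    """Return a list of human-readable findings; an empty list means nothing flagged."""
    findings = []
    entries = parse_conf(text)
    values = {k: v for k, v in entries}  # last occurrence wins
    base = parse_dn(values["base"][0]) if values.get("base") else None

    # 1. binddn must sit under the search base; domain parts are DC=, not CN=
    if values.get("binddn"):
        try:
            binddn = parse_dn(values["binddn"][0])
        except ValueError as err:
            findings.append(str(err))
        else:
            if base and binddn[-len(base):] != base:
                findings.append(
                    f"binddn does not end with the search base: {values['binddn'][0]!r} "
                    f"vs base {values['base'][0]!r} (domain components should be DC=, not CN=)")

    # 2. the left-hand attribute of nss_map_attribute must be one nss_ldap knows
    for key, args in entries:
        if key == "nss_map_attribute" and len(args) == 2 and args[0].lower() not in KNOWN_LOWER:
            close = difflib.get_close_matches(args[0], KNOWN_POSIX_ATTRS, n=1)
            hint = f", did you mean {close[0]!r}?" if close else ""
            findings.append(f"unknown attribute {args[0]!r} in nss_map_attribute{hint}")

    # 3. a bind password with no TLS/SSL directive is sent in cleartext on simple bind
    if "bindpw" in values and not any(k in values for k in TLS_KEYWORDS):
        findings.append("bindpw set but no ssl/tls_* directive: simple bind "
                        "credentials cross the network in cleartext")
    return findings


if __name__ == "__main__":
    for finding in check_ldap_conf(SAMPLE_LDAP_CONF):
        print("-", finding)
```

Run against the constructed sample it reports all three findings; a config whose binddn ends with the base, whose mapped attribute is spelled homeDirectory and which has an ssl directive returns an empty list. The DN parser is deliberately simple and is not a substitute for the LDAP server's own answer to a bind attempt.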

If I run "getent passwd" it returns users from Active Directory that have a UID associated in the "Unix Attributes" tab. I can also su to these users, and it creates the home directory, and when I run "id" I am getting the values that I inserted in ADS for GID and UID.

However I cannot SSH as the user, nor log in at the desktop as the user. When I try to SSH as the user, it hangs for a few secs, then asks for the password. Once the password is entered, it hangs for a while (I am assuming until the timeout is reached) and then says Permission Denied.

[This is being done in a test network, which can be a little slow, so I wouldn't be too worried about the initial hang while it looks up the SSH user.]

So from what I am seeing, it looks like the system is connecting to LDAP, but I have no idea where it is all going pear-shaped...
