Hi! 1) I'm using Marc Heuses Seccheck and allways get errormessages that I don't want. The server is a samba/ldap pdc using shares of a W2K server. Why? W2K sucks with it's nasty ressource eating and complicated administration of ADS/Samba is 2-3x faster. Here some of the output: from /etc/passwd (machine$=machine accounts of samba/ldap with home=/dev/null): - Login datenschlund$ has non-alphanumeric characters. - Login datenschlund$ has more than 8 characters. from /etc/shadow: + Login mb124$ has non-alphanumeric characters. + Login datenschlund$ has non-alphanumeric characters. + Login datenschlund$ has more than 8 characters. - Group gr-lehrer has more than 8 characters. + user test : home directory is owned by users Same with files in user directorys. Why the probe more than 8 characters? I don't know what's the problem on linux with longer than 8 characters usernames! The $ in the username is not changeable otherwise samba would not add machines to the domain. Is there a way to get rid of that anoying log entrys or will I have to write my own sec check, that I partly allready have (mail, firewall, port access)? 2) Next thing is there anybody having knowledge of how to get gid and uid on file acl in a windoof environment taken from a samba pdc? I have top help me with local created groups that I put domain users on. There is a need to get group acls for some shares (I'm fucked up with the damn M$ rightsmanagement for directorys). Winbind does not help me because this is for using samba in a domain and give samba the uid/gid of other w2k-pdc's in a network environment. Philippe