Suse's "passwd" utility has a bit of undesired behaviour. Most of my users don't have entries in shadow, they depend on pam_krb5 for authentication. So /etc/shadow is very short, it only has lines for root and a few sysadmins. I want for everyone else (system accounts like FTP and regular users) to be denied even the possibility of a locally stored password. Now in the past (under solaris) passwd would grumble and fail unless that username already had a line present in shadow. THIS passwd just bungs the encrypted string into /etc/passwd! Argh! Nobody ever wants to go back to un-shadowed passwords. How can I turn off this unwantedly obliging behaviour? TIA, michaelj -- Michael James michael.james@csiro.au System Administrator voice: 02 6246 5040 CSIRO Bioinformatics Facility fax: 02 6246 5166