Dear all, Is anyone running Zope on WinNT and authenticating against an NT domain? If so, how?! I'm running Zope on a WinNT box that's not a PDC or BDC for its domain. I want to authenticate users against this domain. My ideal solution would be to strip out the authentication code from jcNTUserFolder or NTUserFolder and put it in smbUserFolder, because I can easily generate lists of users and don't need to query a DC to get them. But I can't get the authentication to work, even if I have a simple script like this: swhome=r'C:\Program Files\Zope' import sys sys.path.insert(0, '%s/lib/python' % swhome) sys.path.insert(1, '%s/bin/lib' % swhome) sys.path.insert(2, '%s/bin/lib/plat-win' % swhome) sys.path.insert(3, '%s/bin/lib/win32' % swhome) sys.path.insert(4, '%s/bin/lib/win32/lib' % swhome) sys.path.insert(5, '%s' % swhome) import win32security token=win32security.LogonUser('Administrator','DORNIER','xxxxxx',win32security.LOGON32_LOGON_NETWORK,win32security.LOGON32_PROVIDER_DEFAULT) Where DORNIER is the local machine and Administrator is running the script and has the "Access this computer from the network" and "Act as part of the operating system" rights. The error I get is: pywintypes.api_error: (1314, 'LogonUser', ' A required privilege is not held by the client.') What am I doing wrong? Can anybody point me towards some documentation for win32security? Can anyone point me to some documentation for the win32security.NetUserChangePassword function mentioned by Chris McDonough at http://classic.zope.org/pipermail/zope/1999-October/013032.html ? Cheers, Ian