Hi, is there a possibility to map login-names to allowed Kerberos-Principals? At the moment GSSAPI-authentication seems to work only if loginname and kerberos-principal are the same, or am I missing something? It would be really great to use GSSAPI-auth with virtual users. Thanks a lot! S. Thias