Laptops should work away from a network, even if they normally authenticate/authorize using kerberos/LDAP. Key network-provided user data (i.e., passwords and NSS) should be cached when a user logs in. I've done a small amount of work on this. There are still a few major problems. See: http://www.flyn.org/laptopldap/laptopldap.html. -- Mike