Hey... I'm using LDAP for an internal website that serves up a variety of pages, including some trac projects. All is happily configured and working well, but there is one irritation. Users (all of whom are trusted) have to log in the first time they open any of the site's pages during a browser session. Which makes sense because mod_auth_ldap uses session cookies. I do prefer for them to be logged in, as it makes it much simpler to know who did what in trac. Is there any way, still authenticating to our ActiveDirectory server, to not make the user log in every session? I've poked around but haven't found anywhere to extend the life of the cookie. Suggestions for other ways to set it up are also welcome. The relevant part of httpd.conf, (some replaced by [...]) <LocationMatch /trac/.+/> SetHandler mod_python PythonHandler trac.web.modpython_frontend PythonOption TracEnvParentDir /mnt/raid5/trac/ PythonOption TracURIRoot /trac/ AuthType basic AuthName "TRAC" AuthLDAPEnabled on AuthLDAPBindDN [cn=......] AuthLDAPBindPassword [...] AuthLDAPURL ldap://[IPort]/[dc=...]?samAccountName?sub?(objectClass=User) require valid-user </LocationMatch> Thanks in advance! -Alex