Good evening all. I'm running the latest 4.7 code (cvs up as of tonight). I have finally managed to reproduce a problem that several of my users have reported, and one that I see chatter on in the d.o forums. It is the/a problem where you log in with a valid username/password, you appear in the list of users that are on-line, but the login does not 'take' and you are given an access denied screen when redirected to path user/##. I have riddled session.inc with watchdog statements and am willing to install whatever code a core developer may want me to run to gather evidence. This is running to the development version of my site, so I have a lot of leeway on what I can install. I can authenticate and create new sessions just fine in FF 2.0. IE7, running on the same physical box, will not complete the authentication. From my watchdog logs I see that the session is being regenerated as part of processing the login form. The new session id is written to the database, then sess_close() is called, then the page continues loading and creates a new session for an anonymous user. From reading the d.o forums I gather this problem may have continued into D5 RC 1, but it was not clear if it was fixed in the final version. If one of you is looking for information on this problem, I think I'm in a position to provide it. Scott