AB> However, the issue as described seems to be the result of misusing AB> the idea of 'null passwords' on the server - ie, storing the null AB> string as a password, rather than setting the 'no password AB> required' flag. If that is the case, why does 2.2.8a work fine? Dave