I'm glad it got resolved. Because those passwords don't travel in clear text anywhere that I know of, you might have to get a sniffer and compare the successful and unsuccessful login packets. The password hashes sent from the client might be the same, but I'd confirm that from two succesful clients before I'd bet the farm on it.