I found out that the web-management tool of samba (swat) doesn't work when pam is used with MD5 passwords and pam disabled in the config. Samba compares the code only with the crypt of the password and (of course) fails. (Swat uses unix account, NOT smbpasswd aparently (really I checked it using the debugger)) Because of this I recommend putting pam on in the ebuild file, or hack the appropriate file (pass_check.c) to also check on MD5 Paul
since the pam config file is pointing to the smbpasswd file i dont have a problem with making pam required for samba. people can configure their pam differently if they desire.
Closing the bug