diff -Naur pbs-2.3.12-orig/src/lib/Libsite/site_check_u.c pbs-2.3.12/src/lib/Libsite/site_check_u.c
--- pbs-2.3.12-orig/src/lib/Libsite/site_check_u.c 2004-07-19 15:02:10.000000000 -0400
+++ pbs-2.3.12/src/lib/Libsite/site_check_u.c 2004-07-19 15:29:09.000000000 -0400
@@ -98,6 +98,58 @@
 extern char server_host[];
 extern char *msg_orighost; /* error message: no PBS_O_HOST */
+
+/* PAM replacement for ruserok() function. Could performance be
+ * improved by making the pam handle static?
+ */
+#include
+#include
+
+int null_conv(int num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ void *appdata_ptr)
+{
+ return PAM_CONV_ERR;
+}
+
+int pam_ruserok(const char *rhost,
+ int superuser,
+ const char *ruser,
+ const char *luser)
+{
+ pam_handle_t *pamh=NULL;
+ int ret;
+
+ struct pam_conv conv = {
+ null_conv,
+ NULL
+ };
+
+ ret = pam_start("pbs-server", luser, &conv, &pamh);
+
+ if (ret == PAM_SUCCESS)
+ /* Set the username that the PBS job should run as. */
+ ret = pam_set_item(pamh, PAM_USER, luser);
+ if (ret == PAM_SUCCESS)
+ /* Set the remote username of person requesting job submission. */
+ ret = pam_set_item(pamh, PAM_RUSER, ruser);
+ if (ret == PAM_SUCCESS)
+ /* Set host that the submission is sent from. */
+ ret = pam_set_item(pamh, PAM_RHOST, rhost);
+
+ if (ret == PAM_SUCCESS)
+ ret = pam_authenticate(pamh, 0);
+ if (ret == PAM_SUCCESS)
+ ret = pam_acct_mgmt(pamh, 0);
+
+ /* At this point we are either authenticated or denied. */
+ if (pam_end(pamh,ret) != PAM_SUCCESS) pamh = NULL;
+
+ return ( ret == PAM_SUCCESS ? 0 : -1 );
+}
+
+
 /*
 * site_check_u - site_check_user_map()
 *
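Review bot: `pam_end(pamh, ret)` in pam_ruserok() runs even when `pam_start()` failed, so it can be handed the NULL handle; how a PAM library treats that is implementation-dependent, and the `pamh = NULL` that follows is a dead store to a local. Returning early with `if (ret != PAM_SUCCESS) return -1;` directly after the `pam_start(...)` call keeps the fail-closed result and avoids that call. The `superuser` argument is never read, so unlike ruserok() the root case is decided only by the `pbs-server` PAM stack; on Linux-PAM a missing service file falls back to the `other` service, so the expected stack should be shipped or documented with the patch. `null_conv` and `pam_ruserok` could also be declared `static`, since the diff shows them used only in this file.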
@@ -106,6 +158,12 @@
 *
 * As provided, this routine uses ruserok(3N). If this is a problem,
 * It's replacement is "left as an exersize for the reader."
+ *
+ * 7/19/04 - Rick Mohr
+ * I have completed the above "exercise" by creating the pam_ruserok()
+ * function. (See above.) It takes the same arguments and has the
+ * same return values as ruserok(), so it should be usable as a drop-in
+ * replacement.
 */
 int site_check_user_map(pjob, luser)
@@ -134,8 +192,8 @@
 }
 if ( !strcmp(orighost, server_host) && !strcmp(owner, luser))
 return (0);
+ rc = pam_ruserok(orighost, 0, owner, luser);
- rc = ruserok(orighost, 0, owner, luser);
 #ifdef sun
 /* broken Sun ruserok() sets process so it appears to be owned */
 /* by the luser, change it back for cosmetic reasons */
diff -Naur pbs-2.3.12-orig/src/server/Makefile.in pbs-2.3.12/src/server/Makefile.in
--- pbs-2.3.12-orig/src/server/Makefile.in 2004-07-19 15:02:10.000000000 -0400
+++ pbs-2.3.12/src/server/Makefile.in 2004-07-19 15:44:45.000000000 -0400
@@ -174,7 +174,7 @@
 $(INSTALL) -m 700 $(TARGET) $(sbindir)
 pbs_server: $(OBJS) $(PBSLIBS)
- $(CC) $(CFLAGS) -o $@ $(OBJS) $(PBSLIBS) $(LIBS)
+ $(CC) $(CFLAGS) -o $@ $(OBJS) $(PBSLIBS) $(LIBS) -lpam
 clean::
 -$(RM) pbs_server *.o
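Review bot: The added header comment overstates equivalence when it calls pam_ruserok() a drop-in replacement for ruserok(). The function in the first hunk never reads `superuser`, and its answer comes from the `pbs-server` PAM configuration rather than from the libc hosts.equiv/.rhosts lookup. The context line just above still reads `As provided, this routine uses ruserok(3N)`, which stops being true once this patch is applied. I would reword the block along the lines of `Uses pam_ruserok() with PAM service "pbs-server"; the superuser flag is ignored and the mapping policy is whatever that PAM stack enforces.`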
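Review bot: There is no build-time or run-time switch around the new `rc = pam_ruserok(orighost, 0, owner, luser);`, so every build moves the owner-to-local-user mapping decision to PAM and hosts without PAM headers stop compiling. A guard such as `#ifdef <PAM_FEATURE_MACRO>` (placeholder name) with the old `rc = ruserok(orighost, 0, owner, luser);` in the `#else` branch would keep existing sites on their current policy until they opt in. A PAM setup failure and a real denial both come back as -1 here, so logging the PAM return code inside pam_ruserok() would let an operator tell a misconfigured stack from a rejected user. The `#ifdef sun` block that follows still describes a ruserok() side effect and continues outside the hunk; it looks stale once ruserok() is no longer called.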
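Review bot: `-lpam` is appended directly to the pbs_server link line with no configure check, so the link fails on hosts where libpam is absent. pam_ruserok() is added to Libsite in the first file of this patch, so any other program that links that library and pulls in site_check_user_map() would presumably need the same flag; only the pbs_server rule is visible here. Carrying the flag through `$(LIBS)` from a configure test would cover both cases.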