AdminConsole CSF webservice only looking at /etc/passwd?

System

We are trying to implement Single Sign On. At the OS Level (Redhat EL 5.6) we have Kerberos/Winbind tied our Microsoft Active Directory. Things like console login, SSH, Web servers can all see the users that authenticate from the network as OS level users. While Teamsite 7.2 says it's pam compliant, is the most recent Opendeploy as well?

I am having problems getting the CSF web service used by Opendeploy admin console for authentication to see anything other than the users local to the machine. I'm thinking it will be a config option in
[Iw-home]/CSF/AccessService/conf/1.2/iwovcsfconfig.xml but haven't found any documentation on this file. Any pointers would be appreciated.

I guess the other option would be to only allow deploys via Teamsite workflows (since they run as bootstrap user), except the Iw-admin (local account), but would prefer not to do that, as some people like (or are used to) the admin console.

Thank you
-Barry