diff --git a/src/pam.c b/src/pam.c
index b68ac5af..adbe8818 100644
--- a/src/pam.c
+++ b/src/pam.c
@@ -99,13 +99,72 @@ int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc,
 return (PAM_SUCCESS);
 }
+PAM_EXTERN
+int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
+ int argc, const char **argv)
+{
+ t_pusb_options opts;
+ const char *service;
+ const char *user;
+ const char *tty;
+ char *conf_file = PUSB_CONF_FILE;
+ int retval;
+
+ pusb_log_init(&opts);
+ retval = pam_get_item(pamh, PAM_SERVICE,
+ (const void **)(const void *)&service);
+ if (retval != PAM_SUCCESS)
+ {
+ log_error("Unable to retrieve the PAM service name.\n");
+ return (PAM_AUTH_ERR);
+ }
+
+ if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || !user || !*user)
+ {
+ log_error("Unable to retrieve the PAM user name.\n");
+ return (PAM_AUTH_ERR);
+ }
+
+ if (argc > 1)
+ if (!strcmp(argv[0], "-c"))
+ conf_file = (char *)argv[1];
+ if (!pusb_conf_init(&opts))
+ return (PAM_AUTH_ERR);
+ if (!pusb_conf_parse(conf_file, &opts, user, service))
+ return (PAM_AUTH_ERR);
+
+ if (!opts.enable)
+ {
+ log_debug("Not enabled, exiting...\n");
+ return (PAM_IGNORE);
+ }
+
+ log_info("pam_usb v%s\n", PUSB_VERSION);
+ log_info("Account request for user \"%s\" (%s)\n",
+ user, service);
+
+ if (!pusb_local_login(&opts, user))
+ {
+ log_error("Access denied.\n");
+ return (PAM_AUTH_ERR);
+ }
+ if (pusb_device_check(&opts, user))
+ {
+ log_info("Access granted.\n");
+ return (PAM_SUCCESS);
+ }
+ log_error("Access denied.\n");
+ return (PAM_AUTH_ERR);
+}
+
+
 #ifdef PAM_STATIC
 struct pam_module _pam_usb_modstruct = {
 "pam_usb",
 pam_sm_authenticate,
 pam_sm_setcred,
- NULL,
+ pam_sm_acct_mgmt,
 NULL,
 NULL,
 NULL
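Review bot: In `pam_sm_acct_mgmt`, `opts` is handed to `pusb_log_init(&opts)` while it is still an uninitialized stack object, and `pusb_conf_init(&opts)` only runs after the two early `log_error` exits. If the logger consults the options it was given (its body is not in this hunk, so this is inferred), those error paths read indeterminate data in a PAM module. Adding `memset(&opts, 0, sizeof(opts));` before the `pusb_log_init` call would close that window. `const char *tty;` is declared and never used. The account phase also runs the full `pusb_local_login` / `pusb_device_check` sequence, so services that reach the account stack without an auth phase are now gated by the device; a short comment above the function stating that this is intended would help administrators wiring it into a stack.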