[Samba] Samba 3.0 client connection error

[Fallsen, Tommy]

Hi
I successfully joined the AD as member server, smbclient
\\\\hostname\\homes -U username works,
but on a windows 2000 client connecting to the homes share using \\hostname
failes with

[2003/11/13 16:39:46, 1] smbd/sesssetup.c:reply_spnego_kerberos(172)
  Failed to verify incoming ticket!
[2003/11/13 16:39:46, 1] smbd/sesssetup.c:reply_spnego_kerberos(172)
  Failed to verify incoming ticket!
[2003/11/13 16:39:51, 1] smbd/sesssetup.c:reply_spnego_kerberos(172)
  Failed to verify incoming ticket!
[2003/11/13 16:42:38, 1] smbd/sesssetup.c:reply_spnego_kerberos(172)
  Failed to verify incoming ticket!
[2003/11/13 16:42:38, 1] smbd/sesssetup.c:reply_spnego_kerberos(172)
  Failed to verify incoming ticket!
[2003/11/13 16:48:14, 1] smbd/sesssetup.c:reply_spnego_kerberos(172)
  Failed to verify incoming ticket!
[2003/11/13 16:48:14, 1] smbd/sesssetup.c:reply_spnego_kerberos(172)
  Failed to verify incoming ticket!

Oddly connecting to the share \\ip-adress works just fine, no errors.
Is there something wrong with my setup?

My smb.conf
[global]
 workgroup = ????
 realm = ????.?????????.COM
 netbios name =  hostname
 security = ADS
 password server = ads server
 log file = /opt/samba/var/log.%m
 max log size = 50
 preferred master = No
 local master = No
 domain master = No
 dns proxy = No
 wins proxy = Yes
 wins server = ?.?.?.?
 remote announce = ?.?.?.?
 NIS homedir = Yes

[homes]
 comment = Home Directories
 read only = No
 browseable = No

[printers]
 comment = All Printers
 path = /usr/spool/samba
 printable = Yes
 browseable = No



kdc.onf and krb5.conf


#
# Copyright 1998-2002 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
#ident "@(#)kdc.conf 1.2 02/02/14 SMI"

[kdcdefaults]
 kdc_ports = 88,750

[realms]
 ___default_realm___ = {
  profile = /etc/krb5/krb5.conf
  database_name = /var/krb5/principal
  admin_keytab = /etc/krb5/kadm5.keytab
  acl_file = /etc/krb5/kadm5.acl
  kadmind_port = 749
  max_life = 8h 0m 0s
  max_renewable_life = 7d 0h 0m 0s
  default_principal_flags = +preauth
 }



#
#pragma ident "@(#)krb5.conf 1.2 99/07/20 SMI"
# Copyright (c) 1999, by Sun Microsystems, Inc.
# All rights reserved.
#

# krb5.conf template
# In order to complete this configuration file
# you will need to replace the __<name>__ placeholders
# with appropriate values for your network.
#
[libdefaults]
        default_realm = ????.?????????.COM

[realms]
        ????.?????????.COM = {
                kdc = ads server ip
                admin_server = ads server ip
        }

[domain_realm]
 .????.?????????.com = ????.?????????.COM
 ????.?????????.com = ????.?????????.COM

[logging]
        default = FILE:/var/krb5/kdc.log
        kdc = FILE:/var/krb5/kdc.log
 kdc_rotate = {

# How often to rotate kdc.log. Logs will get rotated no more
# often than the period, and less often if the KDC is not used
# frequently.

  period = 1d

# how many versions of kdc.log to keep around (kdc.log.0, kdc.log.1, ...)

  versions = 10
 }

[appdefaults]
 kinit = {
  renewable = true
  forwardable= true
 }
 gkadmin = {
  help_url = http://docs.sun.com:80/ab2/coll.384.1/SEAM/@AB2PageView/1195
 }



Thanks

Tommy Fallsen