[Samba] Samba on WAN

[Gustavo Lima]

        Hi Everybody,

I´m trying to get rid of my NT4 servers here but I´m having strange problems 
with samba on WAN.

I´m using in my main office samba 3.0.7 on Debian sarge with ldap backend 
called main-dom.

On the other office I´m using the same system and both are linked with a 
256k Frame-relay connection. The domain is called other-dom. In the mais 
office I have a firewall where is connected my LAN in one iface, internet 
connection in the second iface and on third is connected the router that 
establishes the frame-relay connection. The security guys said me there´s no 
rule blocking 137, 139 or 445 traffic. Is there any other port used by samba 
or WINS?

Both are set to trust each other.

In NT4 structure I have in the main office a SQL Server and users of both 
main and other office are listed on it to keep a certain application 
authentication.

I made the same arrangement with samba using a SQL Server that logs on my 
samba PDC here in the main facility and let users in the main and other 
office to use the sql application.

The problem is the remote users can be listed, but when I get of the group I 
created to the remote users and get back to it the user that once was 
other-dom\user changes to its SID like 
S-1-5-21-619649889-1864520048-1540833222-1056

I made thousands of changes in WINS. Used MS Wins replicating with static 
entrys. One Samba Wins and everybody using it. In all tries still the same 
problem.

I sincerely don´t what to do anymore.

Can anyone give me 2 or 10 tips so I can start trying different setups 
because I really don´t know what to do.

My best regards,

Gustavo