[Samba] Samba 3.0.14a, Windows 2k3 and ADS

[sysrm]

Hi all

Thanks for everyones help so far with trying to get these all working.

I am now at the stage where I can logon to the domain and access a samba
share with out having to enter in a username password (i.e samba is using AD
to authenticate)

My system is setup like so:

Windows 2k3 PDC (so I get group policy features, bad password attempts,
account expiry etc)
Samba 3.0.14a on RH es3 linux FileStore ( peoples Home drive email etc )

Now I have a couple of questions...

1. I can use the net rpc add user command to add users, when I do this they
are disabled in windows AD, and ive been unable to find any documentation of
the -F switch (which is where I assume u can say if they are disabled, what
their home directory is, and where to map it etc)

2. In various howto's docs etc people talk about using samba as the pdc and
open ldap etc. Is the above system using LDAP ? i.e Windows 2k3 AD ? Or is
what I have using kerberos?

3. assuming im not using ldap, I have a script that currently runs every 15
mins and brings out a user,cryptpasswd list of my users and gives it out to
various services (such as .htaccess and squid)
Either by using ldap or another way, how is this possible to do? Since the
users are no longer on the linux box (locally)

Many thanks!

Ross