[Samba] Samba + Winbind + AD homes does not work

[florian.engelmann at bt.com]

Hello,
we use winbind to connect our Linux servers to our AD what is working
right now and we use samba to share some Linux directories to our
Windows clients what is also working as intended. The only thing we were
not able to get running are the [homes]. The authentication seems to be
wrong. Here is our configuration.

/etc/samba/smb.conf
[global]
   netbios name = demu1glcxxxx01
   workgroup = DOM
   realm = DOM.xxx.yyy
   preferred master = no
   server string = UnixCluster
   security = ADS
   encrypt passwords = true
   ;password server = *
   password server = demu1wyyyy02
   allow trusted domains = no
   log level = 2
   log file = /var/log/samba/%m
   max log size = 1000
   printcap name = cups
   printing = cups
   winbind enum users = no
   winbind enum groups = no
   winbind use default domain = yes
   winbind nested groups = yes
   winbind separator = +
   winbind cache time = 5
   idmap backend = rid:DOM=100000-5000000
   idmap uid = 100000-10000000
   idmap gid = 100000-10000000
   template homedir = /home/%D/%U
   template shell = /bin/bash

[homes]
   comment = Home Direcotries
   ;path = /pkg/global/home/%D/%U
   valid users = %S
   ;valid users = %D+%U, engelmaf, DOM+engelmann
   :valid users = @DOM+de_it-operations_dam, @"DOM+domain users", %D+%U,
engelmaf, DOM+engelmann, %S
   read only = no
   browseable = no
   ;invalid users = root

[printers]
   comment = All Printers
   path = /var/spool/cups
   browseable = no
   printable = yes
   guest ok = yes

[dml]
   comment = Digital Media Library
   path= /pkg/tank/dml
   valid users = @DOM+de_it-operations_dam, @"DOM+domain users"
   writable=yes
   browseable=yes
   write list = @DOM+de_it-operations_dam

We are able to connect and write to dml but not to the home directories.
Any Idea what could be the problem?

OS: Debian Lenny
Samba: 3.2.5

Thank you for your help.

Regards Florian