[Samba] Can't join Windows 10 to classic domain

[samba1 at nym.hush.com]

	I've been running Samba 4 in NT4 Domain mode for a few years, and
it's been working fine with Windows 7 PCs.  

	I now need to join a new Windows 10 PC to the domain, but I'm not
having any success!

	When I try to join the domain, the Windows 10 PC says "An Active
Directory Domain Controller could not be contacted...."

	I've tried a few things, including:-

	Setting registry entries for:-
DomainCompatibilityMode = 1
DNSNameResolutionRequired = 0

	Then:-
[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsNetworkProviderHardenedPaths]
"\\*\netlogon"="RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0"
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodePoliciesMicrosoftWindowsNetworkProviderHardenedPaths]
"\\*\netlogon"="RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0"

	I've tried adding entries for the domain controller in hosts and
lmhosts, and have also tried enabling NetBIOS over TCP/IP.

	I've then tried forcing the Windows Client to use SMB1:-

	sc config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc config mrxsmb20 start= disabledI also used the following Powershell
commands:-
Get-WindowsOptionalFeature -Online -FeatureName
SMB1ProtocolSet-SmbServer-Configuration -EnableSMB2Protocol $false

	Running the status commands shows SMB1 to be enabled, and SMB2 to be
disabled.

	Should it be possible to join a Windows 10 PC to a Samba NT4 domain,
and if so, what am I missing?

	One thing I haven't tried is forcing Samba to "server max protocol =
NT1" - mainly because I'm worried it might cause problems with all the
existing Windows 7 clients, and also because of potential security
risks.  I thought it might be 'safer' to force the Windows 10 PC to
use SMB1 rather change anything on the server.

	Any help would be much appreciated!