Исходные данные:
Samba 3.2.5
Debian 5.03
включен в домен MS AD, работающий в режиме Windows Server 2003 (хотя оба контроллера Win2008 Standart)

Самбу настраивал с помощью SWAT, вот smb.conf:
[global]
        unix charset = LOCALE
        realm = WORKGROUP.COKE.KMR.KUZBASS.NET
        server string = Storage samba server
        interfaces = eth0
        bind interfaces only = Yes
        security = ADS
        obey pam restrictions = Yes
        passdb backend = tdbsam
        passwd program = /usr/bin/passwd %u
        passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
        log level = 3
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 100
        name resolve order = lmhosts host wins bcast
        printcap name = CUPS
        local master = No
        domain master = No
        dns proxy = No
        wins server = 10.0.0.233
        ldap ssl = no
        panic action = /usr/share/samba/panic-action %d
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        template shell = /bin/bash
        invalid users = root

[print$]
        comment = Printer Drivers
        path = /var/lib/samba/printers

[distrib]
        path = /data/distrib
        valid users = @WORKGROUP\DistribGroup
        write list = @WORKGROUP\DistribGroup
        read only = No
        create mask = 0777
        directory mask = 0777

[backup]
        path = /data/backup
        valid users = @WORKGROUP\BackupGroup
        write list = @WORKGROUP\BackupGroup
        read only = No
        create mask = 0777
        directory mask = 0777
--------------------------------------

При попытке получить доступ к ресурсам с компьютера ANTIVIR (win2003) администратором домена, входящего в обе группы DistribGroup и BackupGroup получаю в журнале log.antivir:

[2010/02/25 14:04:23,  3] auth/auth.c:check_ntlm_password(220)
  check_ntlm_password:  Checking password for unmapped user [WORKGROUP]\[Administrator]@[ANTIVIR] with the new password interface
[2010/02/25 14:04:23,  3] auth/auth.c:check_ntlm_password(223)
  check_ntlm_password:  mapped user is: [WORKGROUP]\[Administrator]@[ANTIVIR]
[2010/02/25 14:04:23,  3] smbd/sec_ctx.c:push_sec_ctx(224)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2010/02/25 14:04:23,  3] smbd/uid.c:push_conn_ctx(357)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2010/02/25 14:04:23,  3] smbd/sec_ctx.c:set_sec_ctx(324)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2010/02/25 14:04:23,  3] smbd/sec_ctx.c:pop_sec_ctx(432)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2010/02/25 14:04:23,  2] auth/auth.c:check_ntlm_password(318)
  check_ntlm_password:  Authentication for user [Administrator] -> [Administrator] FAILED with error NT_STATUS_NO_SUCH_USER
[2010/02/25 14:04:23,  3] smbd/error.c:error_packet_set(61)
  error packet at smbd/sesssetup.c(127) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE
[2010/02/25 14:04:24,  3] smbd/process.c:smbd_process(2035)
  receive_message_or_smb failed: NT_STATUS_END_OF_FILE, exiting
--------------------------------------

Может быть проблема в том, что, хотя и в другое время, но всё же в журнале log.winbindd:
[2010/02/25 14:22:37,  1] winbindd/winbindd_util.c:trustdom_recv(260)
  Could not receive trustdoms