http://www.unav.es/cti/ldap-smb/ldap-smb-2_2-howto.html#XP_reqs
The Windows XP (and probably the W2K) requires set an special
registry entry to "0" (by default is set to "1"). This is
documented in
the samba/docs/Registry/WinXP_SignOrSeal.reg :
---
;
; This registry key (gathered from the Samba-tng lists) is needed
; for a Windows XP client to join and logon to a Samba domain
;
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters
"RequireSignOrSeal"=dword:00000000
---
Also, Luke Howard <lukeh@PADL.COM> (9 Nov 2001), tell me:
I noticed today that you can change this in the Local or Domain
policy editor in Windows 2000, too
so, this should be the /normal/ way.
Petri