samba - Oct 2004 - xpsp2 clients authenticate, W2ksp4 clients must use IP or FQDN

Hi,

I have an interesting issue.  I?m running a redhat 9 box with samba 3.0.7,
and Kerberos 1.3.1.  I?ve joined the machine to the AD2k3 domain, and all
the informational commands respond as expected, getent's, wbinfo ?g ?t,
and net ads*** and also 'smbclient -k //otherdomainserver/share' works
as
it should from the server's terminal.

when connecting to the server with a windows XPsp2 client, it works as it
should.  The log in /var/log/samba/  is written as
?log.?clientmachinename?
----snip--
adc020601-069 (138.127.101.159) connect to service prod initially as user
US+dussaulta (uid=0, gid=71750) (pid 18216)
[2004/10/26 10:48:05, 1] smbd/service.c:close_cnum(837)
  adc020601-069 (138.127.101.159) closed connection to service prod
---snip--


When I use a win2ksp4 client, using the samba servers short name. it fails
to authenticate, and prompts for username and password.  The log gets
written as ?log.ip.ip.ip.ip?
Inside that log are 4
---snip---
[2004/10/26 10:44:15, 1] smbd/sesssetup.c:reply_spnego_kerberos(173)
  Failed to verify incoming ticket!
---snip---


When I use a win2ksp4 client using the samba server IP or FQDN, it behaves
like the XP client.  And I can manage the samba shares with the mmc
snap-in, see my connected sessions, and connect to the shares.
---snip---
more log.adc040415-025
[2004/10/26 10:40:50, 1] smbd/service.c:make_connection_snum(648)
  adc040415-025 (138.127.102.131) connect to service prod initially as
user US+Cantalupor (uid=70001, gid=71760) (pid 18203)
---snip---

otherwise, the log.winbindd is clean except for the one
---snip---
[2004/10/26 10:19:00, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
  krb5_cc_get_principal failed (No credentials cache found)
---snip---
 when I start winbind.

Am I missing anything obvious here?

I can post my config files if someone wants to take a look at them.
also, I can run any tests that you might think will be helpful.
Thanks

Fred