samba - Mar 2006 - need help running samba 3.0.11 with security=domain

> I am having problems getting security=domain to work properly with
> Samba 3.0.11  (this seems to be the recommended configuration for the
> application which I use - ClearCase)
> 
> We are running on a Solaris 10 server. 
> 
> We created a machine account for the server and then ran the command
> to join the domain :
> net rpc join -S domain_controller -U user%pass
> Joined domain BP1.
> 
> The fact that we got the "joined domain" message looked
encouraging.
> 
> I thought that this would update /usr/local/samba/private/secrets.tdb
> - but the timestamp of this file didn't change. Is this normal ? Maybe
> it is because we can now access the samba share from a client PC.
> However - it takes too long (around 15 seconds). Occasionally it fails
> altogether. If we set "password server" to "*" rather
than hard coding
> a domain controller then it fails every time with access denied
> errors.
> 
> If we switch to security=server it works OK.
> 
> The smb.conf file contains the following
> 
> [global]
>         workgroup = BP1
>         security = DOMAIN
>         password server = bp1xeudc042.bp1.ad.bp.com
>         username map = /usr/local/samba/lib/username.map
>         lm announce = No
>         preferred master = No
>         local master = No
>         domain master = No
>         kernel oplocks = No
>         ldap ssl = no
>         invalid users = root, bin, daemon, adm, sync, shutdown, halt,
> mail, news, uucp
>         create mask = 0775
>         directory mask = 0775
>         case sensitive = No
>         oplocks = No
>         include = /usr/local/samba/lib/smb.conf.%m
>         dos filemode = Yes
> 
> [export]
>         comment = ClearCase VOBs
>         path = /export
>         read only = No
>         level2 oplocks = No
> 
> 
> The log file contains the following :
>   added interface ip=149.184.200.182 bcast=149.184.200.255
> nmask=255.255.255.0
> [2006/03/23 16:41:53, 2] lib/interface.c:add_interface(79)
>   added interface ip=149.184.200.181 bcast=149.184.200.255
> nmask=255.255.255.0
> [2006/03/23 16:41:53, 2] lib/interface.c:add_interface(79)
>   added interface ip=149.184.200.27 bcast=149.184.200.255
> nmask=255.255.255.0
> [2006/03/23 16:41:53, 2] lib/interface.c:add_interface(79)
>   added interface ip=172.28.17.231 bcast=172.28.17.255
> nmask=255.255.255.0
> [2006/03/23 16:41:57, 3]
> libsmb/trusts_util.c:enumerate_domain_trusts(149)
>   enumerate_domain_trusts: can't locate a DC for domain BP1
> [2006/03/23 16:41:57, 3] auth/auth.c:check_ntlm_password(219)
>   check_ntlm_password:  Checking password for unmapped user
> [BP1]\[WHITAKAN]@[BP
> 1LSTL211684] with the new password interface
> [2006/03/23 16:41:57, 3] auth/auth.c:check_ntlm_password(222)
>   check_ntlm_password:  mapped user is:
> [BP1]\[WHITAKAN]@[BP1LSTL211684]
> [2006/03/23 16:41:57, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2006/03/23 16:41:57, 3] smbd/uid.c:push_conn_ctx(365)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2006/03/23 16:41:57, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2006/03/23 16:41:57, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2006/03/23 16:42:01, 2] auth/auth.c:check_ntlm_password(312)
>   check_ntlm_password:  Authentication for user [WHITAKAN] ->
> [WHITAKAN] FAILED
> with error NT_STATUS_NO_LOGON_SERVERS
> [2006/03/23 16:42:01, 3] smbd/process.c:timeout_processing(1334)
>   timeout_processing: End of file from client (client has
> disconnected).
> ...
> ...
> [2006/03/23 16:42:01, 2] lib/interface.c:add_interface(79)
>   added interface ip=172.28.17.231 bcast=172.28.17.255
> nmask=255.255.255.0
> [2006/03/23 16:42:05, 3]
> libsmb/trusts_util.c:enumerate_domain_trusts(149)
>   enumerate_domain_trusts: can't locate a DC for domain BP1
> [2006/03/23 16:42:05, 3] auth/auth.c:check_ntlm_password(219)
>   check_ntlm_password:  Checking password for unmapped user
> [BP1]\[WHITAKAN]@[BP
> 1LSTL211684] with the new password interface
> [2006/03/23 16:42:05, 3] auth/auth.c:check_ntlm_password(222)
>   check_ntlm_password:  mapped user is:
> [BP1]\[WHITAKAN]@[BP1LSTL211684]
> [2006/03/23 16:42:05, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2006/03/23 16:42:05, 3] smbd/uid.c:push_conn_ctx(365)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2006/03/23 16:42:05, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2006/03/23 16:42:05, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2006/03/23 16:42:05, 3] libsmb/namequery_dc.c:rpc_dc_name(145)
>   rpc_dc_name: Returning DC BP1XEUDC042 (149.184.209.253) for domain
> BP1
> [2006/03/23 16:42:05, 3]
> libsmb/cliconnect.c:cli_start_connection(1389)
>   Connecting to host=BP1XEUDC042
> [2006/03/23 16:42:05, 3] lib/util_sock.c:open_socket_out(752)
>   Connecting to 149.184.209.253 at port 445
> [2006/03/23 16:42:06, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2006/03/23 16:42:06, 3] smbd/uid.c:push_conn_ctx(365)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> ...
> ...
> [2006/03/23 16:42:06, 3] auth/auth.c:check_ntlm_password(268)
>   check_ntlm_password: winbind authentication for user [WHITAKAN]
> succeeded
> [2006/03/23 16:42:06, 3] smbd/sec_ctx.c:push_sec_ctx(256)
>   push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
> [2006/03/23 16:42:06, 3] smbd/uid.c:push_conn_ctx(365)
>   push_conn_ctx(0) : conn_ctx_stack_ndx = 0
> [2006/03/23 16:42:06, 3] smbd/sec_ctx.c:set_sec_ctx(288)
>   setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
> [2006/03/23 16:42:06, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
>   pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
> [2006/03/23 16:42:06, 2] auth/auth.c:check_ntlm_password(305)
>   check_ntlm_password:  authentication for user [WHITAKAN] ->
> [WHITAKAN] -> [whi
> takan] succeeded
> 
> 
> Any help would be appreciated 
> 
> Thanks
>