AD and NFS issues


Hi, I am new to the forum and hoping someone might be able to help me out.

I have an XServe G5 w/ attached XServe RAID setup to serve files to existing AD (just data) and NIS (home, project data, apps) networks. I am having two fairly serious problems, and if I can fix either one or the other I should be in pretty good shape :rolleyes: I am not a real IT guy, I just play one late at night and on weekends....

Under System 10.3.9:

NFS shares seem to work great, once I figured out the "alldirs" trick to mounting subdirectories. On the windows side, things are not so good (I know, shocking!) I was able to get the server bound to AD, share to windows, and everything was great. Then I went on vacation, during which time our corporate IT guy promoted our AD servers to take over the network from our NT4 PDCs. This of course broke my setup. I was able to rebind, tweaked the smb.conf to set security to ads and enable spnego, and finally had to use "net join" to convince it to join kerberos. Everything seems to work again except:

1. I can see AD Users but not Groups in WGM.
2. Windows clients can connect to shares. If they connect by "map network drive" all is well, and samba log looks like this:

[2005/09/09 17:28:24, 1]
duffer ( connect to service parityraid1 initially as user
PRIMARION\robs (uid=612953666, gid=20) (pid 14123)

Duffer is client machine, parityraid1 is share name, robs is AD user, PRIMARION is domain.

If they browse in or type in the share name in explorer, things are very slow, like 10-20 sec to open each folder and samba logs the following error repeated every 2 sec until the window opens:

[2005/09/09 17:26:02, 1] /SourceCache/samba/samba-60.2/samba/source/smbd/sesssetup.c:reply_spnego_kerberos(250)
Username PRIMARION\duffer$ is invalid on this system

Under System 10.4.2:

Windows shares look great! I can see AD Users and Groups in WGM, Binding and Joining Kerberos was very smooth, no manual config needed. But of course, to keep things interesting my NFS shares have gone wacky! I don't know quite how to describe the problem. The shares all mount, and all the files seem to be there, but our main application (Cadence) acts like its all kinds of confused and can't see any user data or find some parts of itself (also served from the XServe) The xterm on login even complains that it can't find some module files, even though they are there. Is there any logging I can check with the NFS services to start trying to figure out whats up? Clients are mixed versions of RH Linux and older Solaris, though just to be weird one of the Linux boxes always sees everything just fine.

I'd be more than happy to post more info on either of these cases, but this email seems more than wordy enough for now.

Anybody have any thoughts on either issue?

Rob Smith