Привет!
Делаю PDC на openSUSE 11.0 (X86-64) c Samba 3.2.4-4.3-2042-SUSE-SL11.0 OpenLDAP 2.4.9-7.4.
Все работает, все красиво - пользователи, группы - все в LDAP, заводятся в phpLDAPAdmin; виндусь-машины тоже заводятся замечательно (сеть 192.168.0.х). А как только попробовал завести виндусь-клиента из другой подсети (192.168.2.х) - "Не удалось подключиться к контроллеру домена для домена DOMAIN".
DNS на PDC пока не делал.
На всякий случай: все маршрутизируется нормально, пакеты гуляют в обе стороны, фаерволы не включены, сетевухи живые.
Не знаю, че делать.... потому прошу помощи :)

Конфиг самбы:
[global]
        workgroup = DOMAIN
        server string = Samba+LDAP Server
        null passwords = Yes
        passdb backend = ldapsam:ldap://127.0.0.1
        passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authen                                                                             tication*tokens*updated*
        log level = 1
        log file = /var/log/samba/log.%m
        max log size = 50
        announce version = 5.1
        time server = Yes
        add user script = /usr/local/sbin/smbldap-useradd -m '%u'
        delete user script = /usr/local/sbin/smbldap-userdel '%u'
        add group script = /usr/local/sbin/smbldap-groupadd -p '%g'
        delete group script = /usr/local/sbin/smbldap-groupdel '%g'
        add user to group script = /usr/local/sbin/smbldap-groupmod -m '%g' '%u'
        delete user from group script = /usr/local/sbin/smbldap-groupmod -x '%g'                                                                              '%u'
        set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u'
        add machine script = /usr/local/sbin/smbldap-useradd -w '%u'
        logon script = users.bat
        logon path = \\%L\Profiles\roaming\%U
        logon drive = Z:
        logon home = \\Server\Share\%U
        domain logons = Yes
        os level = 65
        preferred master = Yes
        domain master = Yes
        wins support = Yes
        ldap admin dn = cn=manager,dc=domain,dc=com
        ldap group suffix = ou=Groups
        ldap machine suffix = ou=Computers
        ldap suffix = dc=domain,dc=com
        ldap ssl = no
        ldap user suffix = ou=Users
        idmap uid = 10000-65000
        idmap gid = 10000-65000
        winbind use default domain = Yes
        hosts allow = 192.168. 127.
        oplocks = No

[homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        read only = No
        inherit acls = Yes
        browseable = No

[profiles]
        comment = Network Profiles Service
        path = %H
        read only = No
        create mask = 0600
        directory mask = 0700
        store dos attributes = Yes

[netlogon]
        comment = Network Logon Service
        path = /var/lib/samba/netlogon
        write list = root

[data]
        comment = Share for Data Exchange
        path = /home/data
        read only = No
        create mask = 0775
        security mask = 0775
        directory mask = 0775
        inherit permissions = Yes
        inherit acls = Yes