samba伺服器登錄不了？

把samba伺服器用ads模式加入到2003域網路后只能用匿名用戶訪問共享目錄而無法用域用戶帳戶登錄samba伺服器，登錄時總是登錄不進去，每次登錄都彈出登錄介面,請問這是哪裡配置錯誤？配置文件如下：
smb.conf文件配置：
[global]
workgroup = lycb
server string = File Server
netbios name = Sambaserver
security = ads
hosts allow = 192.168.1. 127.
encrypt passwords = yes
guest account = linux
log file = /var/log/samba/%m.log
max log size = 50
password server = 192.168.1.11
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind enum groups = yes
winbind enum users = yes
winbind separator = /
template homedir = /homes/%D/%U
template shell = /bin/bash
realm = lycb.local

[homes]
comment = Home Directories
browseable = no
writable = yes
path = /home/%U
valid users = %U


[share]
comment = All user's share directory
path = /usr/share
public = no
guest ok = yes
read only = yes

[program]
comment = Program Files
path = /etc/program
valid users = @administrators linux 99 root
public = no
writable = yes


[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes

krb5.conf配置文件：
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
default_realm = LYCB.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = ture
ticket_lifetime = 24h
forwardable = yes

[realms]
LYCB.LOCAL = {
kdc = 192.168.1.11:88
admin_server = 192.168.1.11:749
default_domain = lycb.local
}

[domain_realm]
.lycb.local = LYCB.LOCAL
lycb.local = LYCB.LOCAL

[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}

nsswitch.conf配置文件：
passwd: files winbind
group: files winbind
shadow: files winbind


hosts: files dns wins
networks: files dns


protocols: db files
services: db files
ethers: db files
rpc: db files

Tags: linux system 系統