I have been trying to find an answer in forums/google to my problem. Hopefully someone can help me.

Have a Suse 11 server configured with samba/winbind v.3.2.4-4.5-2154-SUSE-SL11.0

trying to get AD authentication working correctly

my krb5.conf file looks like this:
[libdefaults]
default_realm = MYDOMAIN.LOCAL
dns_lookup_kdc = false
dns_lookup_realm = false

[domain_realm]
.mydomain.local = MYDOMAIN.LOCAL
mydomain.local = MYDOMAIN.LOCAL

[realms]
MYDOMAIN.LOCAL = {
kdc = dcname.mydomain.local
admin_server = xx.xx.xx.xx:749
default_domain = mydomain.local
}

[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
default = SYSLOG:NOTICEAEMON

[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
minimum_uid = 1
clockskew = 300
external = sshd
use_shmem = sshd
}


I have successfully joined my AD domain using the net ads join command

wbinfo -D domainname returns correct info
wbinfo -u and -g return domain users and groups
wbinfo -a username%password returns:
plaintext password authentication failed
Could not authenticate user jordan with plaintext password
wbinfo -K username%password returns:
plaintext kerberos password authentication for [jordan] failed (requesting cctype: FILE)
Could not authenticate user [jordan] with Kerberos (ccache: FILE)

getent passwd or group only lists the local suse user/groups ie. doesn't include the domain users/groups which I believe it should

I cannot access any of the samba shares from my windows clients
smb.conf:
[global]
realm = MYDOMAIN.LOCAL
workgroup = MYDOMAIN
netbios name = theoracle
preferred master = no
security = ADS
idmap gid = 10000-50000
idmap uid = 10000-50000
encrypt passwords = yes
enhanced browsing = no
winbind trusted domains only = yes
winbind use default domain = Yes
winbind enum users = yes
winbind enum groups = yes
log file = /var/log/samba/%m.log
log level = 10

again if anyone can provide some assistance it will be greatly appreciated