Windows 2000 server Domain Controller local policies->security setting -> LAN Manager Authentication Level: Send NTLMv2 only/refuse LM&NTLM. "net rpc join" reports NT_STATUS_LOGON_FAILURE even though username/password is correct.
This looks very much like you need to set: client ntlmv2 auth = yes in the smb.conf. Unfortunetly, it's not possible to autodect this failure, without always doing a double-login.
looks like a configuration issue.