I found a reproducable problem: If a password from a user is expired and he/she is forced to change it at the logon, the profile is not loaded from the server. Instead of this, a local profile is created and used. The problem is, that if a local profile is existing on a workstation, the serverbased isn't used any more.
Maximum PW age: 90 days
Minimum PW age: 14 days
Minimum PW lenght: At least 8 characters
Rember last 4 PW
Created attachment 5725 [details]
Zipped level 10 debug log
Level 10 debug log of password change at the windows logon (after "pw expired" was shown). The logon script runs fine. But the server based profile was not loaded and a local one was created.
It's not a problem of samba. It's a problem that MS introduced with XP SP3:
MS provides a hotfix that can be requested (not for public download).