Did somebody already make a two-way trust relationship between Samba 3 and AD ?

• I've got Samba 3.5 domain (ES02) controller and AD 2008 R2 domain (ES01) controller.

• Trust domain seems to be ok:

Trusted domains list:

ES01 S-1-5-21-1816646249-803782145-3669927669

Trusting domains list:

ES01 S-1-5-21-1816646249-803782145-3669927669

• I can login AD domain workstation with a Samba user account and access to AD domain workstation shares from Samba workstation with Samba user account.

• BUT, when I try to access to Samba domain workstation shares from AD domain workstation with AD account (test), I've got this:

[2012/12/16 23:00:26.146090, 5] auth/auth.c:268(check_ntlm_password) check_ntlm_password: winbind authentication for user [test] FAILED with error NT_STATUS_NO_SUCH_USER [2012/12/16 23:00:26.146123, 2] auth/auth.c:314(check_ntlm_password) check_ntlm_password: Authentication for user [test] -> [test] FAILED with error NT_STATUS_NO_SUCH_USER

• When I try to access samba share with the Administrator account that I create on both side with same password, I've got this:

[2012/12/16 22:57:22.701841, 1] rpc_server/srv_pipe_hnd.c:1602(serverinfo_to_SamInfo_base)
_netr_LogonSamLogon: user ES01\Administrator has user sid S-1-5-21-1816646249-803782145-3669927669-500 but group sid S-1-5-21-3405883886-2425668597-4100599511-513. The conflicting domain portions are not supported for NETLOGON calls

• I don't know if winbind is working because of this:

wbinfo -u

root 
nobody
smb3user 
administrator

• "wbinfo -u" should list all local and trusted users, no ?

Any fresh idea would be appreciated, I've been reading all the Internet for 1 week...

Regards,