You may find that you are completely unable to mount SMB volumes shared by Windows Server 2003 by using the "Go->Connect To Server" option in Mac OS X. This is a result of new encryption introduced with Windows Server 2003. Symptoms of this problem are errors about invalid usernames or passwords or errors like this logged in the console:
mount_smbfs: No credentials cache found krb5_cc_get_principal mount_smbfs: tree connect phase failed: syserr = Permission denied
You may still be able to browse the file shares fine with smbclient, it is the mount_smbfs tool that fails (which is used by the "Connect To Server" menu option).
The easiest solution to this problem is to disable the default server setting of always requiring "digitally signed communication". To do this, log in to the domain controller and open the DC policy editor. Look for "Security Settings -> Local Policies -> Security Options" and change "Microsoft network server: Digitally sign communications (always)" from "Enabled" to "Disabled". Leave everything else. This means that the server will digitally sign communications if the client is capable, but won't reject a connection if your client is not.
If you find that you are not getting prompted for a password when connecting to a samba share from a Mac, this may be due to a name resolution issue. Macs will prefer their own NetInfo? and Rendezvous to DNS. This means that if you have a Mac on your network which is configured to call itself "foo", then Macs will gravitate towards this server instead of going to the "real" (according to DNS) server named "foo". Meanwhile, you will be very confused about why only the Macs on the network have this problem.