AFP548

OS X 10.6.x Clients and Kerberos Certificates with Windows 2003 AD/DC

Howdy! Last week I wrote the OS X client management list regarding a problem I was having with Kerberos certificates not being received from a Windows 2003 DC on OS X 10.6.x clients. I later determined that the Kerberos Certificate does get received upon the second sequential login for every user (user logs in, no cert, user logs off, logs in again, cert is in ticket viewer).

I didn't think this would be a problem until I was moving forward with deployments and configuration options. We would like to have mobility enabled to sync their local Documents/Settings with their remote network home folders (hosted by Windows shares/defined by AD home folder attribute). Additionally, they would like their network home folder icon to appear in their dock. This obviously becomes a problem during their initial login where it cannot resolve their network home folder because the client isn't receiving the Kerberos certificate upon the first login, and therefore cannot use SSO to mount the network home folder (so the OS X client just throws an error "cannot access /Users/" at the login window and doesn't allow them to log in).

I've gotten one response back from the OS X Client management list from someone who is experiencing my same problem. Does anyone have any ideas why it's taking two sequential logins to receive the Kerberos Certificate from the Windows DC? Has anyone else seen this behavior? Thanks for any information you have!