SSO with AD/OD and fileshares

I have a client and server both on 10.5. both are bound to AD. the server is an OD Master. I've created a group on the server and added one user from AD to this group. I created a fileshare and made this group the owner. from the client, i can login (authenticating via AD) and the client applies MCX rules from OD. if i try to mount the fileshare, using the url of the OD server, it prompts me to authenticate. why is it doing this? why aren't my credentials from AD being automatically passed to OD? if i do enter my AD username and password, it fails on the client with an invalid password error, yet AFP Access Log shows this (hiding IP and name): IP x.x.x.x - - [16/Jan/2008:10:16:29 -0800] "Login LastName, FirstName" -5023 0 0 IP x.x.x.x - - [16/Jan/2008:10:16:29 -0800] "Logout LastName, FirstName" -5023 0 0 what could i be doing wrong or what am i misunderstanding? thanks! chris