Windows XP SP3 and Windows 2008 R2 SP1 don't work

active-directory windows-server-2008-r2 windows-xp

I've got a Windows Server 2008 R2 SP1 Active Directory with Full 2008 R2 Level Domain and a Windows XP SP3 Client which needs to join this domain.

Unfortunately the client is not able to join the domain, and when I take a look at the server's logs I see the following error:

EVENT ID: 4776 error N° 0xc000006a

Following my search on Google, I've reset all my GPOs with the dcgpofix command according to the MS knowledge base, but once again my Windows client is still unable to join the domain and throws up the same error.


Ok, so, I've made some progress with this issue.

I've noticed two things:

First of all: it seems to be a Kerberos issue, because all the logs are talking about Kerberos.

From server:

EVENT ID: 4776 error N° 0xc000006a

This means correct username, bad password (I'm sure of the password because I'm using it to log in to the DC).
And the first FAIL on my list is:

EVENT ID: 4768 -> A Kerberos Ticket has been requested.

Secondly:

On the client side I have a single error:

EVENT ID: 4 -> Error Kerberos, Source: Kerberos -> The client received a KRB_AP_ERR_MODIFIED error from the server prdldap01$. This indicates that the password used to encrypt the kerberos ticket is different than that on the target server.

Then I tried to check the tickets on the client with the klist tickets command, BUT there are none on the client.

The klist command reports:

Cached tickets: (0)

Finally:

All my Windows 7 clients are correctly joining the domain.
My server sends the following ticket encryption:

KerbTicket Encryption: AES-256-CTS-HMAC-SHA1-96

My LSA Notification packages are the following:

SCECLI RASSFM SHA1HEXFLTR

My LSA Security packages are the following:

kerberos msv1_0 schannel wdigest tspkg pku2u

I'm really starting to suspect the Domain Security GPO or Kerberos settings.
If anyone has an idea, I'm listening 😀

Best Answer

Your error is related to miscommunication between the client and the DC. Make sure that there is no kind of packet filtering in place between them - even disable the built-in firewall to make sure.

Also - check that time/date is aligned between them, silly yes but it's reason #1 for AD problems.
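
The following is an added example, not part of the question or the answer: a small triage script that reads 4776 and 4768 events exported as XML (wrapped in one root element) and decodes the failure code per account, including the clock-skew code relevant to the time check above. The account names, workstation name, addresses and the sample events are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
# 4776 carries an NTSTATUS value; 4768 carries a Kerberos (RFC 4120) result code.
CODES = {
    4776: {0xC000006A: "STATUS_WRONG_PASSWORD", 0xC0000064: "STATUS_NO_SUCH_USER"},
    4768: {0x06: "KDC_ERR_C_PRINCIPAL_UNKNOWN", 0x0E: "KDC_ERR_ETYPE_NOSUPP",
           0x18: "KDC_ERR_PREAUTH_FAILED", 0x25: "KRB_AP_ERR_SKEW"},
}
# The field that names the requesting machine differs per event type.
SOURCE_FIELD = {4776: "Workstation", 4768: "IpAddress"}

def _event(eid, **fields):
    """Build one constructed <Event> in the System/EventData layout."""
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f"<Event><System><EventID>{eid}</EventID></System>"
            f"<EventData>{data}</EventData></Event>")

# Constructed sample: jdoe, asmith, XPCLIENT01 and the addresses are hypothetical.
SAMPLE = (
    '<Events xmlns="http://schemas.microsoft.com/win/2004/08/events/event">'
    + _event(4776, TargetUserName="jdoe", Workstation="XPCLIENT01", Status="0xc000006a")
    + _event(4768, TargetUserName="jdoe", IpAddress="::ffff:192.0.2.10", Status="0x25")
    + _event(4768, TargetUserName="asmith", IpAddress="::ffff:192.0.2.20", Status="0x0")
    + "</Events>"
)

def failed_auth(xml_text):
    """Return {account: [(event_id, source, meaning), ...]} for failed events."""
    out = defaultdict(list)
    for ev in ET.fromstring(xml_text).findall("e:Event", NS):
        eid = int(ev.findtext("e:System/e:EventID", namespaces=NS))
        if eid not in CODES:
            continue
        data = {d.get("Name"): d.text or ""
                for d in ev.findall("e:EventData/e:Data", NS)}
        status = int(data.get("Status", "0x0"), 16)
        if status == 0:  # 0x0 means the request succeeded
            continue
        meaning = CODES[eid].get(status, f"unmapped code {status:#x}")
        account = data.get("TargetUserName", "?").lower()
        out[account].append((eid, data.get(SOURCE_FIELD[eid], "?"), meaning))
    return dict(out)

if __name__ == "__main__":
    for account, hits in failed_auth(SAMPLE).items():
        for eid, source, meaning in hits:
            print(f"{account}: event {eid} from {source}: {meaning}")
```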