according to https://msdn.microsoft.com/en-us/library/windows/desktop/ms681385(v=vs.85).aspx, Error 1337 is
The security ID structure is invalid.
I like the english version better, because imho it's not that obvious, that the german "Sicherheitskennung" actually means the SID.
I'm not sure which SID is found to be invalid, though. Could be the domain's SID, the SID of the Administrator account you use to join or the SID of the machine account for the Windows 10 box.
Do the Samba logs (
/var/log/samba/log.samba) say something like
Did the Windows system or one with the same name exist before (and was deleted or renamed?)
Does Kerberos authentication work for the account you use to join the Windows system (
kinit Administrator && klist)