AD Support in OS X has been unreliable..
We have a few users that insist on using OS X Lion in our enterprise environment and we have had nothing but trouble getting Lion to play in an Active Directory world. Here are some issues we have run into thus far (which we thought were supposed to be better in Lion than in SnowLeopard):
1. Getting Lion to simply join a Domain! ( Only one out of the 5 new Lion systems would even join the domain, the others continue to get the 5202 error --- Aug 23 01:16:24 mymachine System Preferences[544]: -[ODCAddServerSheetController handleOtherActionError: gotError: Error Domain=com.apple.OpenDirectory Code=5202 "Authentication server encountered an error while attempting the requested operation." UserInfo=xxxxxxxxx {NSLocalizedDescription=Authentication server encountered an error while attempting the requested operation., NSLocalizedFailureReason=Authentication server encountered an error while attempting the requested operation.}, Authentication server encountered an error while attempting the requested operation. FOR WHICH APPLE STILL HAS NO RESOLUTION!!) -- And yes, Snow Leopard seems to work just fine with the same settings.
2. If by chance you do get Lion joined to the domain, it seems to lose it's connectivity when you reboot one or two times giving you the Network Accounts Unavailable on the log in screen (and never connects again without twiddling). If you don't setup Mobile accounts your AD users are out of luck at this point as they can't log into the machine.
3. Inconsistencies with domain connectivity cause much more of a headache with users complaining they can't get to protected resources or they always have to type user/passwords, etc.
Thus far our experience with Lion is that it has moved further away from the Enterprise, than being more of a citizen in one -- causing more headaches and increasing the cost of managing clients.
To say I have been disappointed is an understatement, as I was hoping to upgrade my Snow Leopard to Lion. Looks like I'll be waiting a while. Oh, and the latest patches don't seem to help, nor does any of the other user space solutions (i.e. running the Permissions Utility, etc) that are floating around as solutions due to the lack of Apple responding and addressing these critical problems. If Apple wants to play in an Enterprise world, they need to nail these types of issues out of the gate, IMHO.
