I am an apple systems engineer in so cal. (used to work at Apple as a QA engineer).
We have 200 macs, rest PCs in a 5000 user environment. Active Directory 2003 (upgrading to AD 2008 soon).
It's been long known that Apple's own AD plugin over the years has been shaky. All one has to do is use Centrify's own plug-in and AD bind / auth works just great. This has been true probably since 10.5 Leopard.
I have rolled out 10.4, 10.5, 10.6, and now 10.7 and AD binding / authentication functionality always comes up.
In beta testing of these GM version of these OS's, in every case, AD would not work on the shipping GM version. We have had to wait for the x.2 or x.3 release, etc.
And typically when a brand new OS X was coming, say 10.4 to 10.5, 10.5 to 10.6, etc. Previously functioning AD binding / authentication was now broken. This is once again the case going from 10.6 to 10.7
So needless to say we are not rolling out Lion until Apple fixes AD in 10.7.2, 10.7.3 etc. Of course there is nothing stopping anyone from using the now free Centrfiy Express, which works great.
I can say in our environment 10.7.2 Does Fix AD Binding (but the actual Binding part worked in 10.7 / 10.7.1), but now one can actually login (authenticate), and have OS X create a local user account (folder), using AD / Kerb authentication, and cache those credentials locally, meaning if you are off / away from your AD network, you can still login.
(Apple has yet to fix the red / green ball inidcators totall, kind of work, I see no green ball)
I can login in 2-5 seconds, and copyig to SMB volumes is pretty fast.
One has to take into account one's network topology and architecture. We have a brand new Foundry Gig E wired and Aruba wireless 802.11n network, brand new NetApp NAS's, Infoblox DNS, AD 2003 (going to 2008).
And as I say AD login and SMB is working and working fast in 10.7.2
I am not saying that the AD plugin in 10.7.2 is perfect or totally fixed, I am still testing. I am sure Apple has more work to do.
Apple can not know everyones unique network topology, impossible.
As someone did above, take a fresh 10.7 / 10.7.1 install and then update with 10.7.2, if after this AD bind / auth is still not working, there is something going on relative to your network topology and / or the 10.7.2 AD plugin.
As I say this 10.7.2 AD plugin is working fine in our rather extensive and sophistacted network, so Apple has done something correctly with regards to fixing the code in the 10.7.2 AD plugin (maybe not totally or fully).
A suggestion for AD would be to, once logged in (if taking a long time to log in), run tcpdump. There may even be an AD debug tool / log that can be run from the CL (dsconfigad or some other tool). Apple has a such a tool in Lion, for Open Directory, odutil (man odutil).
Since this happens at login, one might be able to grab a stackshot, when the issue occurs. (How to below).
Stackshot will be especially helpful and telling in the case of SMB slowness, spinning BB's, etc.
Point is yes of course it is frustrating, but in my experience Apple needs actual data from various user's network environments, in order to have any idea what may be the potiential or actual issue.
This is exactly what I did when Lion 10.7 shipped (bug was already filed in beta and GM versions).
Took a lot of back and forth, but I am pretty sure the data I captured was helpful in getting this fix (at least that I am seeing) in 10.7.2.
--------
Stackshot Instructions:
1. Enable stackshot by typing the following command at the prompt in the Terminal application (Terminal.app can be found in /Applications/Utilities):
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.stackshot.plist
2. When the problem occurs, press the following keyboard keys simultaneously:
Control + Option + Command + Shift + . (Period)
3. Wait for a minute or two for the stackshot files to be written to disk.
4. Check /Library/Logs/stackshot.log and /Library/Logs/stackshot-syms.log files.
Apple Bug Reporting
https://bugreport.apple.com/cgi-bin/WebObjects/RadarWeb.woa/wa/signIn