Trouble with mobile accounts on Windows domain.
I work in IT at a corporate office for a very large organization. I've found that I'm having trouble with Macs that I have joined to the domain. After I bind the Mac and set it to create a mobile account, I've found that users are not able to log in. The error message that I am seeing is "You are unable to log in to the user account "account name" at this time. Logging in to the account failed because an error occurred." If I remove the option to create a mobile account, the AD user is able to log in fine. Obviously this will present an issue with usability when the user takes their MacBook Pro home.
Initially I thought this issue started with the release of and update to Yosemite. I was able to go back and downgrade an older Mac that we had to Mavericks, and then I found that the issue occurs there as well. The strange thing is, my team can all log into these Macs fine. It seems that the issue is for users outside of IT.
I suspect there is some sort of AD access issue that is causing the problem. Either that, or the container in Active Directory that the Mac resides in is somehow unavailable to these other corporate users.
I'm hoping someone with a more thorough background in Mac support on a Windows 2012 domain environment can chime in on this.
Thanks!
MacBook Pro with Retina display, OS X Yosemite (10.10)