DNS search path
Hmm...I got this solved.
My company uses pre-configured Lion images from our US headquarters to be cloned onto MacBook Air laptops. We have a forest with many domains and subdomains. I was in the Asia subdomain.
In a nutshell it was a network oversight on our part. What happened was:
I used the Accounts pane to bind a MacBook Air to a subdomain, which happens to be a DC nearest my office and something that makes sense geographically to my company.
Binding went through without a hitch, and i get a green light at the Accounts pane stating that I'm connected to the (let's name this...) asia.company.com domain.
When I logged out and proceeded to login as the new user (thereby to create his new mobile account on the MacBook), I couldn't login. There was a red light - "Network accounts are not available"
I tried unbinding, and rebinding using Directory Utility instead: No dice. Same issue.
Deleting and recreating the computer account on AD, and making sure on the Mac, the computername is correct: No go.
It was then I figured out that maybe the MacBook Air couldn't find the domain for authentication. I went into Network Settings, and in its DNS settings, the Search Domains were "company.com" in gray font, but I was in the asia.company.com domain.
So I added another entry to the Search Domains with "asia.company.com", and also added "company.com".
Upon logging out, the username field turned yellow, and then green.
My take: The DNS/DHCP administrator did not include the asia domain name in one of its Search Domains parameter when he configured his DHCP server to begin handing out addresses to computers in the network. My MacBook Air didn't know where to find my asia subdomain and thus a DC where I'm at.
So there, another potential rollout issue solved. I can now churn more MacBook Airs to my folks without worry
