I can't set the passinterval to 0 as I need my users to authenticate with the AD and OD. Setting the passinterval to 0 will let a user that has already been authenticated login without any problems, but it doesn't pull any of the settings data from the OSX server as it can't verify group membership. One way I've been dealing with this is by deleting the kerberos file which is found here /private/var/db/dslocal/nodes/Default/config/Kerberos:YOURDOMAIN.NET.plist. You will only see this file if you are bound. If you want more information on your Kerberos ticket you can look in /System/Library/CoreServices/Kerberos.app, and that will give you all kinds of information like ticket cache, time remaining so own and so forth. If you don't need any real authentication you can just use the passinterval workaround that has been floating around; however, when the user changes password it will not change the computer password as the computer is not checking for it so, the user will continue to login using their old password.
To set the passinterval in terminal type "sudo dsconfigad -passinterval 0" without the ""
Well hope this helps.
For further reading.
http://www.macwindows.com/Readers-verify-modify-Kerberos-fixes-for-Mac-AD-binding.html
