Hello to all - I obviously don't speak for Apple in any way but Enterprise Connect is for real. I was given that same document by an Apple SE & was told by them that it was ok to distribute it & to tell our customers to contact their Apple SE if they had questions about it. Hope that clears this up a bit. Thanks.

sorry - 1 last thing meant to post this link as well:

OS X: Verifying DNS consistency for Active Directory binding

https://support.apple.com/en-us/HT201885

I'll +1 the Enterprise Connect. We took delivery of this last week and I've been playing with it since. We purchased it for the ability to script out some drive mappings, and the EC's mount/remount upon network detection. It also does some kerberos management that could have been done other ways, but it was handy to wrap them into one app.

We do bind to AD, and Apple seems to be pushing to use this with local accounts and not bind (I guess as a nod to their issues with AD) but that wasn't an option for us. Another +1 is the fact that AppleCare Support does support this as best they can. We can't use the built in password manager in EC, due to an internal complication (we use a 3rd party password manager which then communicates to AD and every other system) but the notifications are a good, too.

For me, the EC took only a few hours, and to get 2 days of professional services for a nominal cost was a win.

Can't see it mentioned already, maybe I have wrong end of the stick..

This will disable the password reset on Mac Computer Object in AD, which was causing an issue with us. There are potential security risks I suppose.

On client:

sudo dsconfigad -passinterval 0

Since when did the forums become a means to push 3rd party software and not solve the problem? AD bind dropping shouldn't be happening for OP. It doesn't happen for me and I don't use enterprise connect and we rely on the AD binding to work.