Update Mar 2 2012. This article is useful but now out of date. Enhancements in 10.7.3 and a release 5.0.2 from Centrify have improved a lot of issues with .local domains. You can see the details in this blog article.
We've had a lot of contact with people having significant issues with their Macs joining to an AD domain ending in .local. (An example would be centrify.local). This is happening to people using the Apple plug-in or Centrify DirectControl.
If the home directory is located on a SMB share, it will take a long time to login.
If an Active Directory user logs in and tries to mount a SMB share folder in the Finder, it will take a long time to mount.
If the customer is using portable home directory syncing, it will be very slow.
For the Mac OS 10.7 (Lion) release, Apple changed the way a .local domain is handled by reserving it for Bonjour. When a user tries to login to a .local domain with only one level (that is, xxx.local), OS 10.7 first tries to resolve the name using multicast. It will try several times (with a default timeout of 5 seconds for each try), and if login fails it will then use standard DNS, causing the login delay and the delay in mounting SMB shares. Under these conditions, it may not be possible to ping domain.local, and therefore the adclient process will stay in disconnected mode for up to 60 seconds
This issue affects all Mac OS 10.7 users in a .local domain and is not specific to DirectControl- managed systems. Other hostnames are resolved first using multicast and then unicast.
Here is a link to a document that we've written to address these issues.