Great tutorial. There's one single point I'd like to make:

The tutorial says:

* Store Password using reversible encryption for all users on domain (Disabled)
Not sure of the implications...


Well, this is a setting to disable whenever possible, since if enabled it'll store passwords in a way in which they can be decrypted (typical trade-off for keeping legacy systems, I believe it's related to NTLM authentication and NT systems).