More notes: SMB2 is confirmed enabled on the vhost. Trying domainjoin-cli with an obvious bad domain results in NERR_DCNotFound [code 0x000000995], which I think tells me that I'm communicating to the DC on some level when I don't get that error. "domainjoin-cli fixfqdn" seems to mostly remove the fqdn from /etc/hosts. Not totally sure if the fqdn should or should not be in hosts, but neither option seems to be my smoking gun.
[root@vhost1:/etc/init.d] /usr/lib/vmware/likewise/bin/lwregshell list_values '[HKEY_THIS_MACHINE\Services\lwio\Parameters\Drivers\rdr]'
+ "SMB2Enabled" REG_DWORD 0x00000001 (1)
"EchoInterval" REG_DWORD 0x0000012c (300)
"EchoTimeout" REG_DWORD 0x0000000a (10)
"IdleTimeout" REG_DWORD 0x0000000a (10)
"MinCreditReserve" REG_DWORD 0x0000000a (10)
"Path" REG_SZ "/usr/lib/vmware/likewise/lib/librdr.sys.so"
"ResponseTimeout" REG_DWORD 0x00000014 (20)
"SigningEnabled" REG_DWORD 0x00000001 (1)
"SigningRequired" REG_DWORD 0x00000000 (0)
[root@vhost1:/etc/init.d] /usr/lib/vmware/likewise/bin/lwsm restart lwio
Stopping service reverse dependency: lsass
Stopping service reverse dependency: rdr
Stopping service: lwio
Starting service: lwio
Starting service reverse dependency: rdr
Starting service reverse dependency: lsass
[root@vhost1:/etc/init.d] /usr/lib/vmware/likewise/bin/domainjoin-cli join --advanced --preview domain.local administrator
Joining to AD Domain: domain.local
With Computer DNS Name: vhost1.domain.local
[X] [N] join - join computer to AD
[X] [N] krb5 - configure krb5.conf
[X] [N] cache - manage caches for this host
This last bit of status I've run multiple times, and once the krb5 returned [X] [S], so it thought that was correct at one point in my troubleshooting steps. I guess I'll do some digging into krb5.conf and see if anything stands out as misconfigured there.