Andy Snook of FastPath has a nice article on GP 10 security at MSDynamicsWorld.com. Most of you know that I'm a fan of FastPath's security tools and though the article is an overview, I learned a few things. For example, I didn't know that at login, GP sends the password through security 4 times. This is what plays havoc with the SQL server lockout policy.
Make sure you check out the whole article. I've also heard good things about FastPath's Configurator AD active directory connector for GP. We're looking at it for one of our clients and our tech guys have good things to say.