I'm currently using AD on a corporate network with 8.05.2 on windows, and I've tried the suggestions in the other two related posts with no luck so far.
When using the 'groupquery' setting: (&(samAccountName=$1)(objectCategory=group)), I can add groups by their samAccountName without a problem (and usually that's the same as their cn, displayname, and name). However, a fair amount of the time the samAccountName is different from the displayname/name, and as a result, I have to go into ADSI edit to figure out what it is, which I would do if that also didn't mean that users would then have to know the samAccountName to assign permissions as well.
So I tried using:
and removing the setting altogether, and mainly the same issues occurred, as follows:
if the samaccountname was the same as the name being added, everything worked perfect. If the two differed, the following error occurred:
Group '#SE - AMERICAS' not found in the external authentication provider
Additionally, giving bunk group names gave the following error:
Group '#SE - AMERADFAD' not found
So it's hitting it somehow and then getting a different error? MaxM, do you have the link to the source for the service? It may be helpful if I can understand it a bit better.