ldaplist -d group \* - Not Working (Object not found) from Solaris 10to Windows 2008 R2 Active Direc

Our Solaris 10 clients are using Windows 2008 R2 Active Directory for authentication (Kerberos) and (attempting) authorization (LDAP), but the LDAP part is erroring out. Here's the sequence of events:

On Solaris 10 client:

ldaplist passwd \*

-Works correctly, and lists all users from Windows 2008 R2 Active Directory

However, when I do the same command for groups, it errors out:

ldaplist group \*

-Errors out with:

ldaplist: Object not found

The AD groups for UNIX I've chosen the NIS domain on the UNIX Attributes tab, just like I did with AD UNIX users.

Other commands that do work between Solaris 10 and Win 2008 R2 AD:

kinit <user>
klist
klist -k
ldapsearch -h <DC> -D cn=proxy,cn=users,dc=mydomain,dc=com -w <PASSWD> -b dc=mydomain,dc=com -s sub '(cn=tst*)'
ldapsearch -h <DC> -s base -b "" "(objectclass=*)"

The ldapsearch will actually list my groups (my groups are named tstgrp1, tstgrp2, tstgrp3, tstgrp4), but I think this works because it's searching for the Common Name (CN) tst*, and not for a type of object (group).

These commands do not work as expected:

getent passwd

-This only shows local UNIX users

getent group

-This only shows local UNIX users

The /etc/nsswitch.conf is set up for:

passwd: files ldap [TRYAGAIN=continue]
group: files ldap [TRYAGAIN=continue]
hosts: files dns
My references are:
"Windows Security and Directory Services for UNIX v1.0", Microsoft
http://technet.microsoft.com/en-us/library/bb496504.aspx
"Authenticating UNIX/Linux to Windows 2008R2. Part 1 : Set up Windows"
"Authenticating UNIX/Linux to Windows 2008R2. Part 2 : Solaris 10"
http://osdude.wordpress.com/2011/08/

Systems:
Solaris 10 (sparc)
Windows 2008 R2 with Identity Management for UNIX Role added.

 

I found a mistake in our /var/ldap/ldap_client_file, I had:

grouposixAccount=group

And it should have read:

grouposixGroup=group

Once I made the change, I could query groups.