Active Directory pam_ldap search returns 0 results

> Okay. I started using wireshark to monitor the information going back and
> forth between the AD and my linux machine.  I'm trying to authenticate users
> through AD via pam_ldap.  I can make a successful bind but when the user
> goes to do the search it doesn't return results.  I have the same exact
> setup in another office and it works fine, but this one that I'm working on,
> the AD isn't mine, and I don't have access to it.  If I issue an ldapsearch
> from the command line it works.. here is an example:
>
> LDAPSEARCH COMMAND:
> ================
> ldapsearch -vvv -x -W -D binduser@... -LLL
> "(&(objectclass=User)(sAMAccountName=jsmith))"
> ldap_initialize( <DEFAULT> )
> Enter LDAP Password:
> filter: (&(objectclass=User)(sAMAccountName=jsmith))
> requesting: All userApplication attributes
> dn: CN=jsmith,OU=Contrators,DC=hops,DC=org
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> cn: jsmith
> description: Jimmy
> givenName: jsmith
> distinguishedName: CN=jsmith,OU=Contrators,DC=hops,DC=org
> instanceType: 4
> whenCreated: 20061219205530.0Z
> whenChanged: 20070101204220.0Z
> displayName: jsmith
> uSNCreated: 2206049
> uSNChanged: 2651279
> homeMTA: CN=Microsoft MTA,CN=RH-EXCH,CN=Servers,CN=hops,CN=Administrative G
>  roups,CN=hops,CN=Microsoft
> Exchange,CN=Services,CN=Configuration,DC=HopS,DC=org
> proxyAddresses: smtp:jsmith@...
> proxyAddresses: X400:c=US;a= ;p=hops;o=Exchange;s=jsmith;
> proxyAddresses: SMTP:jsmith@...
> homeMDB: CN=Mailbox Store 4 (RH-EXCH),CN=First Storage
> Group,CN=InformationSto
>  re,CN=RH-EXCH,CN=Servers,CN=hops,CN=Administrative Groups,CN=hops,CN=Mi
>  crosoft Exchange,CN=Services,CN=Configuration,DC=hops,DC=org
> mDBUseDefaults: TRUE
> mailNickname: jsmith
> name: jsmith
> objectGUID:: nWOUBbOPdUW+jSjR8nEWlg==
> userAccountControl: 66048
> badPwdCount: 0
> codePage: 0
> countryCode: 0
> badPasswordTime: 128112802965635188
> lastLogon: 128112803066418373
> pwdLastSet: 128110353306467105
> primaryGroupID: 513
> objectSid:: AQUAAAAAAAUVAAAAVQehjxr3HWeam6GFVREAAA==
> accountExpires: 9223372036854775807
> logonCount: 0
> sAMAccountName: jsmith
> sAMAccountType: 805306368
> showInAddressBook: CN=Default Global Address List,CN=All Global Address
> Lists,
>  CN=Address Lists Container,CN=hops,CN=Microsoft Exchange,CN=Services,CN=Co
>  nfiguration,DC=hops,DC=org
> showInAddressBook: CN=All Users,CN=All Address Lists,CN=Address Lists
> Containe
>  r,CN=hops,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=hops,DC
>  =org
> legacyExchangeDN: /o=hops/ou=First Administrative Group/cn=Recipients/cn=wo
>  rltracuser
> userPrincipalName: jsmith@...
> objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=hops,DC=org
> lastLogonTimestamp: 128121577405726786
> textEncodedORAddress: c=US;a= ;p=hops;o=Exchange;s=jsmith;
> mail: jsmith@...
> msExchHomeServerName: /o=hops/ou=First Administrative Group/cn=Configuratio
>  n/cn=Servers/cn=RH-EXCH
> msExchALObjectVersion: 49
> msExchMailboxSecurityDescriptor::
> AQAEgHgAAACUAAAAAAAAABQAAAAEAGQAAQAAAAACFAAD
>
> AAIAAQEAAAAAAAUKAAAAAAAAAEMASAA6ADMAMgA2ADgAAAAAAQAAAAEAAAEAAAAgAAAAAAAAAAAAA
>
> AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQUAAAAAAAUVAAAAVQehjxr3HWeam6GFHgUAAA
>  EFAAAAAAAFFQAAAFUHoY8a9x1nmpuhhR4FAAA=
> msExchUserAccountControl: 0
> msExchMailboxGuid:: qsncZEFiX0SylodSUv+TWQ==
> msExchPoliciesIncluded:
> {2F6B8623-374D-4B15-B808-CB6FAFCE6F64},{26491CFC-9E50-
>  4857-861B-0CB8DF22B5D7}
> =======================
>
> Okay, now if I try to ssh into my machine which is setup to use pam_ldap to
> verify the password against this AD it fails.  Here is the info. wireshark
> is showing me:
>
> WIRESHARK INFO
> ===============
>     [The RTT to ACK the segment was: 0.001563000 seconds]
> Lightweight-Directory-Access-Protocol
>     LDAPMessage bindResponse(1)
>         messageID: 1
>         protocolOp: bindResponse (1)
>             bindResponse
>                 resultCode: success (0)
>         [Response To: 30]
>         [Time: 0.001563000 seconds]
>
> Frame 32 (66 bytes on wire, 66 byt
>
> ----------- so far so good, it just bound -----------------
>
> ------- okay now its going to issue the search-------------
>
>        NOP
>         Timestamps: TSval 1113900, TSecr 20408054
> Lightweight-Directory-Access-Protocol
>     LDAPMessage searchRequest(2) "cn=Users,dc=hops,dc=org" wholeSubtree
>         messageID: 2
>         protocolOp: searchRequest (3)
>             searchRequest
>                 baseObject: cn=Users,dc=hops,dc=org
>                 scope: wholeSubtree (2)
>                 derefAliases: neverDerefAliases (0)
>                 sizeLimit: 1
>                 timeLimit: 0
>                 typesOnly: False
>                 Filter: (&(objectclass=user)(sAMAccountName=jsmith))
>                     and: (&(objectclass=user)(sAMAccountName=jsmith))
>                         Filter: (objectclass=user)
>                             equalityMatch
>                                 attributeDesc: objectclass
>                                 assertionValue: user
>                         Filter: (sAMAccountName=jsmith)
>                             equalityMatch
>                                 attributeDesc: sAMAccountName
>                                 assertionValue: jsmith
>                 attributes: 0 items
>
> Frame 34 (88 bytes on wire, 88 bytes captured)
>
> ----------------- okay still so far so good... -------------------------
>
> ------------------- here is where there should be results.. but theres not
> --------------------
>
>  [This is an ACK to the segment in frame: 27]
>         [The RTT to ACK the segment was: 0.002079000 seconds]
> Lightweight-Directory-Access-Protocol
>     LDAPMessage searchResDone(5) [0 results]
>         messageID: 5
>         protocolOp: searchResDone (5)
>             searchResDone
>                 resultCode: success (0)
>         [Response To: 27]
>         [Time: 0.002079000 seconds]
>
> Frame 35 (66 bytes on wire, 66 bytes c
>
> =========END WIRESHARK INFO===========
>
> I have another environment setup using this same setup and it works fine..
> there are results in the search and everything..   Please help... Thanks, in
> advance.
>
>
>  

> Okay. I started using wireshark to monitor the information going back and
> forth between the AD and my linux machine.  I'm trying to authenticate users
> through AD via pam_ldap.  I can make a successful bind but when the user
> goes to do the search it doesn't return results.  I have the same exact
> setup in another office and it works fine, but this one that I'm working on,
> the AD isn't mine, and I don't have access to it.  If I issue an ldapsearch
> from the command line it works.. here is an example:
>
> LDAPSEARCH COMMAND:
> ================
> ldapsearch -vvv -x -W -D binduser@... -LLL
> "(&(objectclass=User)(sAMAccountName=jsmith))"
> ldap_initialize( <DEFAULT> )
> Enter LDAP Password:
> filter: (&(objectclass=User)(sAMAccountName=jsmith))
> requesting: All userApplication attributes
> dn: CN=jsmith,OU=Contrators,DC=hops,DC=org