I am a consumer mod so really not experienced in corporate area Someone experienced in EPO will be by soon I hope
Some solutions comments from posts ... though might not be your situation
1. My problems was solved by changing the Application Server service to local admin account
3. Finally found the solution.
Apparently my domain controller did not have the application server role installed.
Installed that and synchronize it again and it worked.
1. installed application server role on DC
2. resync the active directory to a group
3. Add in the container name in the group details and click synchronize now
No. You should not need to install additional services on your domain controller.
Review McAfee Corporate KB - Failed to enumerate domains, authentication required (when attempting to manua... for possible resolution. If that does not help, open a support case and support can help review possible causes. You may also need to work with your network and Active Directory teams to identify any possible misconfigurations preventing this functionality from working.