It uses LDAP. All of the integration is done through standard Microsoft API calls.
The dialog box that pops up is a standard windows call. I would test one of the built in AD groups to make sure it's working at all.
I've seen issues in the past with groups but never with a single AD user working.
Thanks for info.
I have done some additional testing and it appears that the AD user group is applied after about 1 hour (after I have added/removed users from the group), so it does appear to work.
However I was wondering if there is a setting in DLP / ePO that is able to configure it to syncronizing more often? As I would ideally want to be able to add users to an AD group and then for the settings to be applied to the users within minutes.