I have exactly same issue.
without test, FMC says - OK-
fmc/ftdv version 7.6.2.1 (build 3)

Test Complete: You may enter a test user name to further verify your Base Filter parameter.

then, adding user that is in the group....failed. netadmin is in ise_admins group.

binding
bind success
starting search...
base :OU=Security Groups,DC=main,DC=company,DC=com
filter :(CN=ISE_Admins)
user :netadmin
attrib :sAMAccountName
ldap_result: 0 -Success
found 1 entries...
-------------
CN=ISE_Admins,OU=ISE,OU=Security Groups,DC=main,DC=company,DC=com
sAMAccountName: ISE_Admins
-------------
search failed
Admin Users The following administrator shell access users (1) were found with this filter:
---------------
ise_admins
Users The following users (1) were found with this filter:
---------------
ise_admins
so it is looking for group...not user