iDRAC 7 Active Directory authentication failing

I'm working with some Dell R520 servers equipped with iDRAC7, trying to set up Active Directory authentication and running into problems.  I'm going with a very basic setup (no cert, standard schema) with the user domain provided, pointing the iDRAC to specific servers by IP as domain controllers and global catalog servers.  I have an AD group configured for iDRAC access.  Everything is configured properly, but when I do the AD test, it shows that user authentication was successful, but user authorization failed.  The iDRAC does not seem to be able to parse the AD group successfully and not sure why.

I have compared these settings with some R540's which are working with Active Directory authentication in a similarly basic configuration, although the R540's are pulling their domain controllers and global catalogs from DNS based on the domain name provided with the user name.  I've duplicated the settings from the R540 to the R520.  The 540 works, the 520 does not.  Manually setting the IPs or FQDNs for the domain controllers and global catalogs on the R520 also makes no difference.  I've also attempted to point the iDRAC to older Server 2008R2 domain controllers/global catalogs and the results are the same.

What can I look at next?