One thing to check in your LDAP settings is what you are using for the authentication attribute. If you are not
using SamAccountName, then the default claim mapping will not work and you will need to change to the
appropriate AD attribute.
If Loop1 can get logging of what is happening at sign on, they might be able to shed some light on what is happening.