Currently if a LDAP user belongs to an OU that contains the "/" character in it's name, login will fail. Windows currently allows the "/" character to be part of an OU name.
An error similar to the following may appear in the FMS log in debug mode
DEBUG [http-exec-5] com.quest.nitro.service.security.auth.spi.NitroExtendedLdapLoginModule - Failed to validate password
javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'DC=torts,DC=del,DC=tor,DC=ca,DC=qsft'