Trying to import an LDAP group into CA PAM there is an error message, PAM-LDAP-0025 about group not found in the Domain:

Group is imported but no user is in it. All parameters in AD look right, however

CA PAM 4.x

One of the reasons why this may be happening is if we are connecting to an Active Directory server but the type of Target Application used to bind in 3rd Party --> LDAP is of type OpenLDAP

There seems to be some differences in the formats used by AD and OpenLDAP which result in this error 

Change the target application used to connect to Active Directory in Configuration/3rd Party/LDAP so that it is of type Active Directory, using port 636 and LDAPS as protocol