I was having the same issue.
After checking the DNS entries, i found there was no PTR record pointing to the AD server in the Reverse Lookup Zone.
I manually added a entry in in the Reverse Lookup Zone, pointing to AD Hostname and this error "cannot load users from selected domain" in sso was gone and i was able to see the users.
Hope this helps.
Abby