It did work for me on vCSA 5.5.0a and the upgrade to 5.5.0b broke it.
DNS PTR is set up, lw-get-dc-name looks OK, but the SSO log shows strange errors:
vmware-sts-idmd.log:
2014-01-20 09:21:21,947 WARN [LdapErrorChecker] Error received by LDAP client: com.vmware.identity.interop.ldap.LinuxLdapClientLibrary, error code: 1
2014-01-20 09:21:21,947 ERROR [LinuxLdapClientLibrary] Exception when calling ldap_one_paged_search: base=DC=tpip,DC=org, scope=2, filter=(objectClass=user), attrs=[Ljava.lang.String;@413249b, attrsonly=0, sizelimit=0
com.vmware.identity.interop.ldap.OperationsErrorLdapException: Operations error LDAP error [code: 1]
    at com.vmware.identity.interop.ldap.LdapErrorChecker$1.RaiseLdapError(LdapErrorChecker.java:32)
    at com.vmware.identity.interop.ldap.LdapErrorChecker.CheckError(LdapErrorChecker.java:826)
    at com.vmware.identity.interop.ldap.LinuxLdapClientLibrary.CheckError(LinuxLdapClientLibrary.java:781)
    at com.vmware.identity.interop.ldap.LinuxLdapClientLibrary.ldap_one_paged_search(LinuxLdapClientLibrary.java:565)
    at com.vmware.identity.interop.ldap.LdapConnection$5.call(LdapConnection.java:635)
    at com.vmware.identity.interop.ldap.LdapConnection$5.call(LdapConnection.java:632)
    ...
AD is Windows 2012 R2