I have noted that there are several different search strings that can be used when setting up directory integration through AirWatch.
I have listed the most common ones below, sometimes you have to just try them to see which one works. NOTE THE SEARCH STRINGS ARE CASE SENSITIVE
Group Object ClassOrganizational Unit Object Class Group Search Filter Notes
Group organizationalUnit (&(objectClass=group))
group organizationalUnit (&(=group)) (AirWatch Default setting)
User Object Class User Search Filter Notes
User (&(objectCategory=person)(sAMAccountName={EnrollmentUser})) notice user and person
Person (&(objectCategory=person)(sAMAccountName={EnrollmentUser})) notice person and person
User (&(objectCategory=user)(sAMAccountName={EnrollmentUser})) notice user and user
Group (&(=group)(={EnrollmentUser})) (AirWatch Default setting)
Person samAccountName={EnrollmentUser}
Also, it has been found that the email user name pulled by default is mailNickname if you are using O365 you may need to change this to userPrincipalName