This issue is typically present if LDAP access is blocked from the OC Scanner towards the given AD Domain Controller. The issue can also be compounded by the blocked Kerberos network port on the AD DC.
To correct the issue make sure ports TCP 88 (Kerberos), TCP 389 (LDAP) are accessible to any OC Scanners in the network analyzing their respective AD environments.
Additionally, make sure the user account running the scan has the correct permissions to access the given AD Domain Controllers and the given AD Domain member servers. By default AD Domain Administrators have all the correct permissions to access the AD Domain Controllers, as well as AD Domain member servers.