It is great that they re-implemented a feature from 2007 which was a simple way to import user profiles from Active Directory. In SharePoint 2010 they bet everything on FIM and the User Profile Synchronization service, which is also great and very powerful, particularly if you want two-way synchronization. But it's a bit of a sledgehammer to crack a nut if all you want is a quick import of profiles to get your SharePoint Social extravaganza up and running. That's where ADI comes in - it's easy to set up and it's fast.
Except when you get the error above. And not just one. Every time you click on the "Populate Containers" button you get another one, and the list gets longer the more you try. After fiddling around with the domain to make sure it is right, you might start to wonder where in fact you are supposed to "explicitly specify the domain controller". It would be great if the developers who wrote the error message had explicitly specified what the heck they were talking about.
So it turns out that what this message means, or rather CAN mean, is that you didn't set a valid account name, or more specifically you didn't do it in the format domain\user. If you just supply an invalid account name, or the passwords don't match, or the password is wrong, you get a helpful and accurate error message. But miss off the domain...
And in fairness, it does tell you the format it expects underneath. But who reads that stuff when you are in a hurry, or doing a demo? Actually who reads it anyway?