So, strange to have select ".local" as top level domain name. I though it was a constraint due to existing Microsoft domain. Anyway...
DN can't be "ou=users,dc=domain,dc=local". At least "uid=something,ou=users,dc=domain,dc=local", with "something being existing uid.
Have a look at ldap content using ldap browser.