Its because your administrator account isn't in the base dn
also, The admin account isn't really an admin account. it's just used for reading ldap. So a regular domain user account will work. You should not be using a domain admin account!
try
base dn: dc=sm,dc=com
Administrator DN: user@dm.com
Then use you search filters to filter out users and groups.