Tony,
I am not sure if what you describe is the same issue I experienced:
I found that you could not browse and see users in the same AD family but with different child domain as the domain where the Workflow agent was running. (e.g if WFAgent was running in xyz.com and I wanted to add people from location.xyz.com, I could not do that from the Add User dialog.)
The advice from Adobe Support for this one was to enable automatic creation of users, and as long as the trust was established both ways for all the AD forest servers, new users from any server in the forest could be added automatically. This appears to have worked in the case I am talking about.
Rgards,
Sanna