I ran my rule again, but this time watching the log viewer as you suggested. the rule completed and actually says the resources were imported. I was expecting my rule to import 6 resources and the log stated that 6 were exported from AD and the same number imported into NS.
So it appears my query works, but why don't I see the accounts? My assumption is that after the import completes that I should be able to go to Settings>Security>Account Management>Accounts and see the imported accounts. This is what I have been checking after running the rule, but the accounts don't appear.
I did notice this bit in the final log record associated with the import rule:
Source: DirectoryImporter::DefaultEndExportHandler
Description: ************** Directory Import Id Import User resources from domain starting from domain, SystemUsers and using the default column mappings and these resource associations. Import some users on the specified schedules. (guid) has completed creating items and NS messages for data loading. Note: not all exported resources will appear in the NS console until the NS has completed loading all the data from the exported NS messages.
Since i've been running the rule for over a day now, the records should've shown up by now. I've checked the nscap for queued NSEs and what not, but the folder is empty. Any ideas on what else to check for or do differently.