Problem solved.
Reinstalled one last time and this time went for the single-site configuration. Rebooted everything, including the offsite DC, and paid special attention to Identity Source, using the attribute editor in ADUC to retrieve the correct DN for both the users and groups. I also changed the authentication type to require a username and password, and it all went in fine.
DR is go.