On my AD domain some users do not have "memberOf" attribute set, so these accounts do not appear in search results when I perform an LDAP query like this:
memberOf=CN=Group_A,OU=G-Security,OU=CB-Groups,OU=company,DC=lan,DC=name,DC=it
Performing that search gives me a partial list of Group_A members, only the ones with "memberOf" attribute populated. But if I browse Group_A with AD Users and Computers I can correctly see all members, and if I perform and LDAP search on Group_A I correctly receive all members in "members" attribute.
Reading the docs I found that "memberOf" is a calculated attribute, so I cannot edit it, but is there a way to re-calculate it? Or is there something wrong in the accounts that do not have "memberOf" attribute?
I am trying to have that LDAP query search working because it is used by an external application to retrieve the list of users enabled to use it.