Missing "memberof" ldap attribute

[GANGSTA]

There are users with us that are missing the "memberof" ldap attribute when they belong to domain security groups. When we look in the ADUC, then it shows the user is a member of multiple groups. If you look are the users LDAP attributes, using any third party tool, the "memberof" attribute is missing all together. Can anyone tell me what is happening exactly? I am also not seeing any errors in the event logs. I have a domain admin permission and that has no effect on whether it shows or not. I also created new ID's and it also has the same problems? Can anyone please help me out? Thanks.

[absolute55]

The number of values in the memberof attribute will always be one less than the number of direct grop memberships shown in ADUC, because the "primary" group, usually Domain users, is never included. When the user is a member of only their primary group, then the memberof attribute has no values and technically nothing is saved in AD, so maybe it appears that there is no memberof attribute.