AD query and Nested Groups Problem

Hi was wondering if I could get some help with a AD Query problem involving nested groups. I have trolled through the other questions asked but don't they don't seem to be asking exactly what I am experiencing so here goes:

 

I have an access policy using the AD query function to look for users in a Global Group that is a memberof a Domain local Group. i have the nest Groups option checked in the Access Policy so that a recursive lookup will take place but it doesn't seem to be doing this.

 

We are using 11.5.4 image

 

So basically the AD Grouping looks like this:

 

GDL_Group_Example_1

 

-----GG_Group_Example_1

 

--------Useraccount_Example1

 

The expression in the AD Query function is as follows: User is a member of CN=GDL_Group_Example_1,OU=someotherOU,DC=somename,DC=somename,DC=local

 

If I move it back to just looking in the GG_Group_Example_1 and taking off the nested group feature I can get the Access Policy to work.

 

Another thing I was curious about is if there is any restrictions on the length of the AD groups names as I saw an article somewhere about the possibility of an attribute being truncated in session variables??

 

Hope this is enough detail ;)

 

Many thanks for any advice