find all memberOf groups, including cross-domain, of a group using LDAP

Question

So this is my configuration (simplified for the sake of simplicity):

Setup:

I have two DCs (numbered list for reference):

1. DC=one,DC=company,DC=com
2. DC=two,DC=company,Dc=com

In each of them I have a few groups:

1. DC=one,DC=company,DC=com
   1. one.company.com\some\folder\group1
   2. one.company.com\some\other\folder\group2
   3. one.comapny.com\some\different\folder\here\group3
2. <b>DC=two,DC=company,Dc=com
   1. two.company.com\some\folder\group4
   2. two.company.com\some\other\folder\group5

Then group1 is a memeber of:

• one.company.com\some\other\folder\group2
• one.comapny.com\some\different\folder\here\group3
• two.company.com\some\folder\group4

So group1 exists in the one.company.com DC and is a member of groups that exist in both DCs: one.company.com and two.company.com.

Question

I'm trying to figure out how I can query AD for group1 and get all of the groups which it is a memberOf across all the DCs?

This is the result of various LDAP calls I've tried:

• <LDAP://DC=one,DC=company,DC=com>;(&(objectCategory=group)(objectClass=group)(name=group1));name,memberOf;subtree - returns the 2 groups in one.company.com but not the group in two.company.com
• <LDAP://DC=company,DC=com>;(&(objectCategory=group)(objectClass=group)(name=group1));name,memberOf;subtree - error (as expected)
• <GC://DC=company,DC=com>;(&(objectCategory=group)(objectClass=group)(name=group1));name,memberOf;subtree - returns the 1 group in two.company.com but not the groups in one.company.com (but not sure why)
• <GC://DC=corp,DC=company,DC=com>;(&(objectCategory=group)(objectClass=group)(name=group1));name,memberOf;subtree - returns the 1 group in two.company.com but not the groups in one.company.com (but not sure why)