Hi, I think maybe the problem you're having is down to the way your company's AD is set up. In my own organisation, AD groups refer to their members by their Fully Qualified Domain Names (FQDN), as opposed to, say, cn, recordName, sAMAccountName or whatever.
For example, say whereas my user...