KACE Product Support

I am trying to create LDAP labels based on AD OU groups.  I have the following AD structure that is structured the same for 6 locations:

Base DN--

    --Office1 (OU)

        --Servers (OU)

        --Workstations (OU)

When trying to create a search filter that selects the correct devices for the label, I am getting all devices in the domain or none.  I have read just about every article I can find on the topic, but I am still missing something somewhere.  Please help me understand the LDAP query feature and the LDAP Browser.

Here is what I am testing on:

Base DN:  DC=domain,DC=com

Advanced search and results: 

• (&(objectClass=computer)) - I get a list of all computers on the domain as expected
• (&(name=KBOX_COMPUTER_NAME)(objectClass=computer)) - I get "No matching Entries" but that is expected, if I use actual device name it matches on the one device, so I know the query is working

However, I need to query the specific OUs

• (&(objectClass=computer)(memberOf=OU=Servers,OU=Office1,DC=domain,DC=com)) - any time I try to include the "memberof" criteria I get "No matching Entries"
• (&(objectClass=computer)(memberOf=DC=domain,DC=com)) - I still get "No matching Entries" even without the OUs listed

I am fairly certain that I understand that I will need the "(name=KBOX_COMPUTER_NAME)" in the final query to make the LDAP label work correctly, but I would like to be able to test that I am selecting the correct computers in an OU.  How can I do this?

Thank you...