Are the groups located under the OU that your LDAP authentication is directed to? The groups must be located in the OU referenced in your context in ldap auth settings. Did you check the box to create new cohorts? Your login is working correctly? Have you tried switching to samaccountname?