... dsquery needs to be elevated to query memberOf

Today after an hour of pain I have discovered weird beavior od dsquery command. I was trying to reproduce my yesterday work. Yesterday I queried users based on their membership using following filter in dsquery *.

(&(objectClass=inetOrgPerson)(memberOf=GROUPDN))

Yesterday it worked. Today .. no user is found. After a fair ammount of time I found a solution. Queires containing memberOf as part of the filter need to be executed inisde ELEVATED prompt.

Let me scream again .. UAC on the server is EVIL.