Quote:
sSQL := 'select memberof from ''LDAP://' + sDomain +
''' where objectClass=''foreignSecurityPrincipal'' and Name=' + QuotedStr(sSID);
Printing out the type etc. in detail at least showed that "memberof" does not occur there as an attribute at all. But LDAP does not return an error for that, just Null. Well, at least that much is clear now.
Now I only have to find the groups in the trusted domain.
Of course "MemberOf" is not an attribute; it is a full-blown object class with attributes, just like the User and its SID.
I think you need to refine the query and go after "Ldap-Display-Name" from https://learn.microsoft.com/en-us/wi...ectedfrom=MSDN
I am sorry if I am still missing something, and I don't want to waste your time, but it doesn't make sense to me to make the SQL query answer and parse the security objects. It is logical to parse the SQL outside the AD controller and have it use the standard query with filters to talk to the controller. Also, the controller should NOT be parsing any SQL, while the LDAP SQL parser should NOT be able to parse the details of the objects, thus minimizing the attack surface. That is why the filters should work, and in my opinion it is the only way. Again, this is my take on designing such a critical system; in other words, the SQL here is merely an interpreter for the AD query.
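Added example (not code from either poster): the same foreignSecurityPrincipal lookup built in the two query dialects the ADSI OLE DB provider understands, the SQL dialect used in the quoted Delphi snippet (`select … from 'LDAP://…' where …`) and the LDAP dialect the reply argues for (`<LDAP://…>;(filter);attributes;scope`). The point it shows is that quote doubling (what Delphi's QuotedStr does) only protects the SQL-dialect string against an embedded `'`, whereas the LDAP-dialect value goes through RFC 4515 filter escaping and, before that, a syntax check on the SID, so a value that would widen the search is rejected rather than sent to the controller. The domain name, SID values, regexes and the helper names are assumptions made for the example.

```python
import re

# Added example, not code from the thread. The dialect syntax is that of the ADSI
# OLE DB provider (ADsDSOObject); the names, regexes and sample values are assumptions.

# A SID string as it appears in the cn/name of a foreignSecurityPrincipal object.
SID_RE = re.compile(r"^S-1-\d+(?:-\d+)+$")
# Conservative allow-list for the server/domain part of the ADsPath.
DOMAIN_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]*$")


def escape_ldap_filter_value(value: str) -> str:
    """Escape an assertion value per RFC 4515 so it cannot alter the filter structure."""
    out = []
    for ch in value:
        if ch in "\\*()\x00":
            out.append("\\%02x" % ord(ch))
        elif ord(ch) > 0x7F:
            out.extend("\\%02x" % b for b in ch.encode("utf-8"))
        else:
            out.append(ch)
    return "".join(out)


def sql_dialect_query(domain: str, sid: str) -> str:
    """The thread's SQL-dialect string, with QuotedStr-style quote doubling only."""
    return ("select memberof from 'LDAP://%s' "
            "where objectClass='foreignSecurityPrincipal' and Name='%s'"
            % (domain, sid.replace("'", "''")))


def ldap_dialect_query(domain: str, sid: str) -> str:
    """LDAP-dialect equivalent: <ADsPath>;(filter);attributes;scope.

    The SID is validated against its syntax first and then escaped, so a
    malformed value raises instead of being searched for.
    """
    if not DOMAIN_RE.match(domain):
        raise ValueError("not a plausible domain/server name: %r" % domain)
    if not SID_RE.match(sid):
        raise ValueError("not a SID string: %r" % sid)
    filt = "(&(objectClass=foreignSecurityPrincipal)(name=%s))" % escape_ldap_filter_value(sid)
    return "<LDAP://%s>;%s;memberOf;subtree" % (domain, filt)


def fsp_query_is_safe(domain: str, sid: str) -> bool:
    """True if the input yields a single-object FSP lookup in the LDAP dialect."""
    try:
        ldap_dialect_query(domain, sid)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample input, not a real domain or principal.
    domain = "trusted.example.test"
    good_sid = "S-1-5-21-1004336348-1177238915-682003330-1001"
    bad_sid = "S-1-5-21-1004336348-1177238915-682003330-1001)(objectClass=*"

    print(sql_dialect_query(domain, good_sid))
    print(ldap_dialect_query(domain, good_sid))
    # The SQL-dialect string accepts the bad value unchanged because it contains
    # no quote character; the LDAP-dialect path rejects it.
    print(sql_dialect_query(domain, bad_sid))
    print("bad value accepted by LDAP dialect:", fsp_query_is_safe(domain, bad_sid))
    # Even without the regex gate, escaping alone neutralises the metacharacters.
    print(escape_ldap_filter_value(bad_sid))
```

The two filter-side checks are independent: the regex is the business rule (the `name` of an FSP is a SID string, nothing else), and the RFC 4515 escaping is the generic defence that keeps any value, SID or not, inside one assertion of the filter. Keep both; drop the regex only where the same helper is reused for attributes whose values are not SIDs.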