MemberOf as well as Member is an enumeration and contains a list of all Users rsp Groups. SQL works quite ok, so this is not the problem. In contrary to the docs, LIKE is not suported, but " = '*vvv'" instead of "LIKE '%vvv'". Additionally wrong spelled or non exiting attributes do not generate an error, but return Null. So you my receive one row, but with no data.

Finally I came up with a solution, that
- searches for the groups for a user
- identifies the SID of the user
- creates a list of the groups of the trusted domain
- checks if the SID is in the list of members of the group

If anybody is interested in the SQL statements or the code, that makes the SID readable and comparable, I´d be happy to post this here.