Need to be able to add VIP administrators that are in nested groups.
Group VIPadmins contains groups of admins. Your group filter will look like
memberOf:1.2.840.113556.1.4.1941:=CN=VIPadmins,CN=Users,DC=LOCALDOMAIN,DC=local
Administrator Group mapping goes to a nested group. When setting up the group mapping you would make the attribute show like
memberOf:1.2.840.113556.1.4.1941:
Also, see the below screen shot.