LDAP Admin Filter not working

I have created an ActiveDirectory Auth source, which works completely fine for copying the normal user accounts, but not for the Admin checkmark.

Both the UserFilter and the AdminFilter are exactly the same, just the name of the group is different. One works, the other doesnt.

(&(objectCategory=Person)(memberOf=CN=Gitea,CN=Users,DC=some,DC=rz)(sAMAccountName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))

(&(objectCategory=Person)(memberOf=CN=GiteaAdmin,CN=Users,DC=some,DC=rz)(sAMAccountName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))

Both groups exist, I got users in the user, I got users in the admin and i got users in the admin and user group.

Whatever I do, none of the users gets marked as an admin. If I edit someone and make him an admin, on next resync he is a normal user again.
What am I doing wrong?

Version 1.11.2 (and 1.9.6 as well).