first of all:
is there a specific reason for this filter, seems a bit odd, since every ldap object has some kind of objectclass. as far as I understand this query it means:
list all objects with ( any objectclass and being in the group gromi ) or being in the group named grp_Support.
(|(&(objectclass=*)(memberOf=cn=gromi,OU=Groups,OU=Accounts,OU=dom,DC=dom,DC=dom,DC=DE))(name=grp_Support))
maybe
(|(memberOf=cn=gromi,OU=Groups,OU=Accounts,OU=dom,DC=dom,DC=dom,DC=DE)(name=grp_Support)) is just simpler?
to me this config looks good. does the following output:
ldapsearch -x -h ldap://dom.dom.de -D <ldap-user-dn> -W -b OU=Accounts,OU=MZ,DC=dom,DC=dom,DC=DE '(|(&(objectclass=*)(memberOf=cn=gromi,OU=Groups,OU=Accounts,OU=dom,DC=dom,DC=dom,DC=DE))(name=grp_Support))' dn
return back buchhaltung@domain.de?
If not, I recommend to open up a support case so that they can have a look at it.