For the next release of Wildfire (i.e. 2.6.0) you will be able to clean up the server caches so that the new group information is loaded again from LDAP. This workaround will work for users that are not logged in since the server will not push a new roster to connected users. We still have a week to release Wildfire 2.6.0 and I will try to include a fix for JM-379 that will include a background process that will check LDAP novelties and update cached groups so that loaded rosters are updated.
Meanwhile, your best option is to make all required LDAP changes at once and then have a planned restart of the server.
Hope that helps.