Openfire Trusted Domain Authorization Issue

I have one openfire server (Openfire 3.10.0, Hyper-V, ubuntu server). I have 2 domains connected via VPN with trusted connection betwen them.

On 1st domain i created LOCAL DOMAIN group and include groups from 2nd domain. In openfire settings i share new group to roster of all other groups.

On 2nd domain i CAN connect with spark to 1st domain with 2nd domain user. I CAN send messages both side. But user on 2nd domain not visible online in roster of 1st domain users. And not even its group is visible. But in 2nd domain roster all of users and groups are visible and online status.

What i missed in configuration?

There is related

ldap.autoFollowAliasReferrals true

ldap.autoFollowReferrals false

ldap.baseDN OU=usr,OU=organization,DC=domain,DC=com (2nd domain group in this OU)

ldap.connectionPoolEnabled true

ldap.encloseDNs true

ldap.groupSearchFilter (objectCategory=Group) (Domain Controller IP)

ldap.port 389

ldap.posixMode false

ldap.searchFilter (objectClass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1 .4.803:=2))

ldap.sslEnabled false

ldap.usernameField sAMAccountName

My big mistake! I cant login with 2nd domain user on 1st domain.