Change LDAP server and OUs

when we change LDAP authenticate from old LDAP server and OUs to a new one.
The user’s attribution is lost. Like user’s OTP token and group membership.

Any mitigation ?

add user’s group membership manually.
This is fixed. Thanks.