LDAP Authentication is accessible by administrator in Settings > Authentication Provider > Ldap tab in Admin Area.
Check Enable LDAP Authentication checkbox.
(make sure that $conf['auth_remote'] in the file admin/config.inc.php is set to 1)
In order to use nested groups in Active Directory, you should set the LDAP membership attribute to member:1.2.840.113556.1.4.1941:
This is a special rule to perform a recursive group search.
For more information, see the following:
https://msdn.microsoft.com/en-us/library/aa746475(v=vs.85).aspx
https://blogs.technet.microsoft.com/...explore-group-membership-with-powershell/
Please note, if you set mapping LDAP groups to the KBPublisher privileges, all matched users will be assigned the specified privilege. In case you do not have an Unlimited license, the number of allowed admin users could be exceeded and privilege will not be assigned to user.
Important! If you leave this field blank, roles and privileges assigned for users in KBPublisher will not be updated upon login.Tip: You can disable LDAP authentication by setting $conf['auth_remote'] = 0; in file /kbp_dir/admin/config.inc.php