I use a couple of plugins to achieve this - first I sync groups to cohorts with ldap syncing scripts and then I sync cohort to system role with a cohort sync plugin.
Authentication
LDAP - Assign System Roles
This discussion has been locked so you can no longer reply to it.