With the LDAP authentication, it is possible to retrieve first level groups (groups directly assigned to a user). I need to also retrieve groups in groups of a user.
To do this, we can define a recursion key for groups.
I have done it (see attached patch of ldap.class.php file).
It works perfectly with an Active Directory LDAP with the following configuration:
$conf['auth']['ldap']['server'] = 'domain.org';
$conf['auth']['ldap']['binddn'] = '
user@domain.org'; # also work without a static user but needed for email notifications
$conf['auth']['ldap']['bindpw'] = 'PassWord';
$conf['auth']['ldap']['usertree'] = 'dc=domain,dc=org';
$conf['auth']['ldap']['userfilter'] = '(userPrincipalName=%{user}@%{server})';
$conf['auth']['ldap']['mapping']['name'] = 'displayname';
$conf['auth']['ldap']['grouptree'] = 'dc=domain,dc=org';
$conf['auth']['ldap']['group_recursive_key'] = 'memberof';
$conf['auth']['ldap']['referrals'] = '0';
$conf['auth']['ldap']['version'] = '3';