ad-auth/deny-if-no-groups

The TLS Mode to use for talking to the AD Server

This parameter, if set to true, denies access to users who authenticate but do not match any AD groups specified in the ad-auth/groups parameter. The default value is false.