We're using reverse-proxy-auth plugin for authentication and role-strategy-plugin for authorization.

The users connect to apache httpd 2.4 which authenticates against Windows 2008 R2 active directory and passes user authentication to Tomcat/Jenkins.

In Jenkins the reverse-proxy-auth-plugin accesses active directory using its LDAP configuration to lookup a users groups.

We're using the role-strategy-plugin with active directory groups for authorization.
If I'm right, the lookup of users and groups by role-strategy-plugin for displaying correctness of groups and users also gets handled using the ldap functionallity of reverse-proxy-auth-plugin,

Since we switched from active-directory-plugin to reverse-proxy-auth-plugin , those groups no longer get shown with "group symbol" (multiple people icon) but get the same symbol displayed as single users (one person icon) in "manage and assign roles -> assign roles".

That's no major issue, but would be "nice to have" to get groups displayed differently from users despite of using reverse-proxy-auth-plugin.