Bug
Resolution: Unresolved
Critical
Jenkins 2.10 (recreated in 1.566)
ldap-plugin 1.12
When using the LDAP Plugin, groups are not read unless the user is explicitly granted admin rights ahead of time (defeating the point of using LDAP groups).
I believe it is not a config issue, as if the user is admin, they can, in fact, see groups with the same config.
To Recreate:
1 - Set up the LDAP Plugin to point to a working LDAP server with two user accounts (say, "admin" and "user"; make both have groups attached to them)
2 - Set Authorization to "Anyone Can Do anything"
3 - Verify you can log in with each user and that each user can see their own groups by going to the /users/<username> URI
4 - Set up matrix auth (any conditional auth will do, matrix is the easiest one though) and grant "admin" overall admin rights, and "user" overall "read"
5 - Repeat step 3 - at this point "admin" will see their own groups, but "user" will not be able to
This is not just visual; group-based authentication does not work. Looking in the logs, it appears that "user" only has the "authorized" permission when it has no admin rights.