diff --git a/inventories/vagrant/host_vars/backend/keycloak.yml b/inventories/vagrant/host_vars/backend/keycloak.yml
index 6692a21..3c5e091 100644
--- a/inventories/vagrant/host_vars/backend/keycloak.yml
+++ b/inventories/vagrant/host_vars/backend/keycloak.yml
@@ -159,6 +159,25 @@ keycloak_user_federations:
           ldap.full.name.attribute: "displayName"
           read.only: "false"
           write.only: "true"
+      - name: "groups"
+        providerId: "group-ldap-mapper"
+        providerType: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"
+        config:
+          groups.dn: "ou=groups,dc=local,dc=test"
+          group.name.ldap.attribute: "cn"
+          group.object.classes: "groupOfNames"
+          membership.ldap.attribute: "member"
+          membership.attribute.type: "DN"
+          membership.user.ldap.attribute: "uid"
+          groups.ldap.filter: ""
+          mode: "LDAP_ONLY"
+          user.roles.retrieve.strategy: "LOAD_GROUPS_BY_MEMBER_ATTRIBUTE"
+          memberof.ldap.attribute: "memberOf"
+          mapped.group.attributes: ""
+          drop.non.existing.groups.during.sync: "false"
+          preserve.group.inheritance: "false"
+          ignore.missing.groups: "false"
+          groups.path: "/"
       - name: "creation date"
         providerId: "user-attribute-ldap-mapper"
         providerType: "org.keycloak.storage.ldap.mappers.LDAPStorageMapper"