Group and Role mapping map the LDAP Server/Active Directory roles with Joomla roles allowing the management of Single-Sign-On (SSO) for users based on their roles/groups.