The LDAP configuration supports the mapping of simple hierarchies (parent/child) of a single type. This is specially useful when mapping groups, for example. Where groups can have a parent and also child groups.

​.ldap()
​  .mapping(Group.class)
​    .parentMembershipAttributeName("member")

In the example above, we're using the member attribute from LDAP to store the childs of a parent group.

In some cases, the performance can be impacted when retrieving parent/child hierarchies from the LDAP server. By default, the LDAP Identity Store is configure to resolve only three levels of hierarchies. But you can always override this configuration as follows:

​.ldap()
​  .mapping(Group.class)
​    .hierarchySearchDepth(1)

In the example above, we're telling the LDAP Identity Store to consider only one level depth. Which means that only the direct parent of a group will be resolved.