Apply policy to all users who authenticate through LDAP

Is it possible to apply a policy to all users who authenticate through LDAP?
I’ve looked through the available template policy parameters and none of them seem to mention the authentication.

Maybe my experience can help.
We have Vault users authenticated through LDAP (to AD). Here is my definition in Terraform for that ability:
```hcl
resource "vault_ldap_auth_backend_group" "ldap_group" {
  groupname = "your group name"
  policies  = ["your policy"]
  backend   = vault_ldap_auth_backend.ldap.path
}
```

Also in the UI go to the Auth Methods, choose your LDAP, and then create a group. You just type the name of the group. Make sure the group is in the group DN in the LDAP setup.

Thanks for that information! I’m guessing that your answer implies there is not a way to apply a policy to all LDAP users, but rather you have to find a group that encompasses the users you want to apply the policy to.

That’s what we have done. AD is also a mess generally to me.
No, I haven’t tried to get all users before.

You may find what you are looking for here:

The policies that are defined here will be the base policies that get assigned to all authenticated LDAP users irrespective of whether the user is part of 0 or 100 groups.

You can always supplement additional policies to users at group level or even at the user level to further extend additional policies.
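
A Terraform sketch of the base-plus-group layering described in the last reply, added here as an example and not posted by anyone in the thread. It assumes the base policies are set with the `token_policies` argument on the LDAP auth method configuration; the policy names, KV paths, URL and DNs are constructed placeholders.

```hcl
# Added example: all names, paths, URLs and DNs below are constructed placeholders.

variable "ldap_bindpass" {
  type      = string
  sensitive = true
}

# Base policy: keep it minimal, since every user who can authenticate
# through this LDAP mount receives it, whatever groups they belong to.
resource "vault_policy" "ldap_base" {
  name   = "ldap-base"
  policy = <<-EOT
    path "secret/data/shared/*" {
      capabilities = ["read"]
    }
  EOT
}

resource "vault_ldap_auth_backend" "ldap" {
  path     = "ldap"
  url      = "ldaps://ldap.example.com"
  binddn   = "CN=vault-bind,OU=Service,DC=example,DC=com"
  bindpass = var.ldap_bindpass
  userdn   = "OU=Users,DC=example,DC=com"
  userattr = "sAMAccountName"
  groupdn  = "OU=Groups,DC=example,DC=com"

  # Assumption: this is the setting the reply refers to. Policies listed
  # here are attached to every token issued by this auth method.
  token_policies = [vault_policy.ldap_base.name]
}

# Group-level policies are added on top of the base policy for members
# of the named LDAP group (same resource type as earlier in the thread).
resource "vault_ldap_auth_backend_group" "ldap_admins" {
  groupname = "vault-admins"
  policies  = ["admin-policy"]
  backend   = vault_ldap_auth_backend.ldap.path
}
```

After applying, `vault token lookup` on a token obtained through the LDAP mount lists the policies actually attached, which is a quick check that the base policy reaches a user who is in no mapped group.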